**Discover your future at Citi** -------------------------------- Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated people from around the globe. At Citi, you’ll have the opportunity to grow your career, give back to your community and make a real impact. **Job Overview** ---------------- The Information Security Operations (ISO) Sr Manager is a senior management level position responsible for accomplishing results through the management of a team or department in an effort to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. **Responsibilities:** * Support the implementation of Information Security (IS) Training Plan, by verifying training participants completed the training and understand IS requirements * Coordinate with cross-functional Operations and Technology (O&T) counterparts and teams to improve O&T risk oversight * Attend and participate in internal/external IS forums and risk committees when necessary and provide IS updates to the business * Ensure stakeholders are held accountable for IS controls, and understand responsibilities in risk mitigation and remediation * Improve processes, remove IS deficiencies and enhance current tools that reduce an overall risk profile * Ensure security practices and standards compliance to reduce the likelihood of audit, regulatory and legal liabilities and reduce security risks by enhancing controls and minimizing weaknesses in Citi’s applications portfolio * Ensure non-compliant items are addressed through coordination with Business Manager and business staff * Support the Global Information Security (GIS) policies, standards, and initiatives development and implementation * Provide guidance on IS aspects of projects in support of business initiatives * Establish communication channels with cross-sector ISOs to efficiently tackle security issues that span multiple businesses * Manage project deadlines, deliverables, planning, budgeting and policy formulation for the team, including short-term resource planning * Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards. **Qualifications:** * 6-10 years of relevant experience * Knowledge of Scripting and Programming Languages preferred * Demonstrated ability to interpret and apply information security policies, standards and procedures * Consistently demonstrates clear and concise written and verbal communication * Proven influencing and relationship management skills * Proven analytical skills **Education:** * Bachelor’s degree/University degree or equivalent experience * Master’s degree preferred This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required. The selected candidate will be responsible for implementing, operating, and continuously improving the following components for access control: **I. Identity Management** * User onboarding, modification, and offboarding (employees, contractors, third parties). * Integration with the bank’s existing information systems and/or directories (e.g., SAP, Oracle HCM, Workday, others). * User support (troubleshooting). **II. Access Management** * Role-based access control (RBAC), attribute-based access control (ABAC). * Privileged access management (PAM) and functional ID management. * Robotic Process Automation (RPA) / Bot ID management. * Federated access management (SSO, SAML, OIDC). * Secure access to on-premise and cloud-based systems. **III. Authentication and Authorization** * Password administration * MFA (Multi-Factor Authentication). * Integration with existing authentication solutions. **IV. Access and Entitlement Reviews** * Periodic reviews of access rights and entitlements. * Auditing and continuous monitoring. * Report generation **V. Required Integrations** * Active Directory * Internal and third-party applications * Core banking systems * Project management experience. * Other Risk Management activities should be performed as a Sector or business IS SME or in some risk management role. * Excellent consulting and problem-solving skills. * In-depth knowledge of IS programs. * Advanced presentation skills, program management, and relationship management skills. * Able to work with senior business management to implement IS strategy. * University degree in any technical or administrative field is desirable * Professional certification, such as CISSP, CISM, CISA, or willingness to obtain certification within 12-18 months of start date * Exhibit strong influencing/negotiation skills as well as written/verbal communication skills. * English proficiency: 80% - **Job Family Group:** Technology - **Job Family:** Information Security - **Time Type:** Full time - **Most Relevant Skills** Please see the requirements listed above. - **Other Relevant Skills** For complementary skills, please see above and/or contact the recruiter. - *Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.* *If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, please review* *Accessibility at Citi*.* *View Citi’s* *EEO Policy Statement* *and the* *Know Your Rights* *poster.*