Cyber Risk Threat and Crisis Management SOC Coverage Head - SVP

Company: Citigroup Inc.
Location: Irving
Posted on: May 3, 2021

Job Description:

Job Purpose

This position is a critical role for the second line Technology and Cyber function within Operational Risk Management. The Cyber Risk Threat and Crisis Management team serves as an authoritative body for providing independent review and assurance of security operations including threat intelligence, incident management, insider threat operations, cyber crisis management, physical security, and threat hunting.

The second line's embedded Security Operation Centre (SOC) officer is expected to lead the second line's coverage of the SOC, including detection and containment of incidents. As an embedded officer, they will have the ability to manage stakeholder relationships to drive a greater understanding within the firm of the cyber risks it faces. They will have the ability to understand all aspects of SOC operations and be able to recommend corrective action where warranted to enhance Citi's defenses. They will also have the ability to communicate their findings and expertise skillfully, both verbally and in writing, to ensure implementation and adoption.

The second line SOC embedded role requires an experienced, credible, professional authority on Cyber Risk, Security Operations, and incident management.

Job Responsibilities:

  • Assessment of control effectiveness, including changes/updates made, for incident monitoring, detection, & containment.
  • Review of compensating controls and their effectiveness.
  • Assess/challenge for potential undetected events and incidents.
  • Assess control design and implementation effectiveness. Identify gaps in controls, potential impact, and recommendations for improvement if warranted.
  • Review containment options/plans for threats and incidents and assess/challenge for effectiveness and potential collateral damage.
  • Monitoring of SOC threat hunting team and insider threat operations team.
  • Understand, dimension and monitor SOC operations. Understand how the SOC impacts the business and operations.
  • Develop key stakeholder relationships in the SOC.
  • Review and challenge root cause analysis for security incidents.
  • Monitor/challenge anomalous events and incidents and examine patterns.
  • Conduct risk analysis and convert it into actionable monitoring recommendations to be conducted by the SOC.
  • Provide challenge support for security incidents throughout the incident lifecycle as needed and provide challenge to ensure enterprise infrastructure is protected.
  • Perform analyses to validate established security requirements and to challenge/recommend additional security requirements and safeguards.
  • Identifying potential opportunities for enhanced risk management practices, challenging in the moment, conducting formal reviews, and developing corresponding remediation plans.
  • Serving as an SME throughout ORM-Technology/Cyber & Data Management.
  • Assessing the impact of identified risks on other areas throughout the bank including the business and risk, and ensuring it is accounted for and addressed.
  • Providing SME inputs to regulatory, internal reporting and ratings requests.
  • Planning and scheduling of second-line reviews with the target stakeholders.
  • Ensure Issues & Corrective Action Plans are raised to address identified risks, and ensure Corrective Actions are completed in a timely manner.
  • Providing strategic input into the team's methodology and planned deliverables for the Book of Work to strengthen our independent methodology and outputs.

Desired Experience and Skills:

Minimum 8 years of experience preferred in security operations, incident response, insider threat operations, threat management, cyber security, forensics, Information Security or related function.

Minimum 2 years of experience in a risk role preferred.

Bachelor's degree, Master's preferred.

Preference for industry-recognized Information Security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Splunk Certification and/or training, and GIAC certifications including GBFA, GCFA, GCTI, GCIH, GEVA, GDAT, GCIA, GMON, GCDA.

Understanding of networking concepts and technologies including TCP/IP, Routing, Switching, NAT, OSI Model, etc.

Ability to manage multiple projects and multiple deadlines in an organized fashion.

Understanding of advanced data analysis and management concepts is a plus.

Technical writing abilities to author technical and risk management reports.

Demonstrates considerable technical knowledge of incident response, Cyber Security, Data Protection, IT Risk and Compliance.

Considerable knowledge and understanding of common cyber security technology tools such as firewalls, IDPS, network access control, DDoS mitigation, anti-malware, anti-virus, encryption and authentication.

Knowledge of industry standards/regulations (ISO, NIST, PCI-DSS, PSD2, GDPR, NIS).

Experience of overseeing or conducting independent risk assessments, business process or IT control auditing.

Experience of working in a large multinational financial institution is advantageous.

A broad understanding of global financial business activities such as Markets and Trading, Investment Banking and Consumer Banking is a plus.

An understanding of global financial payment systems such as SWIFT is advantageous.

Proven experience of interfacing with senior C-level stakeholders is a plus.

Experience in managing stakeholder engagements across various disciplines, varying degrees of seniority, and differing goals.

Execution and delivery focused; creating high quality reporting and analysis using appropriate business and technical language for the audience.

Proven analytical and critical thinking skills.

Excellent verbal communication and organization skills.

  • All competitive applications may be considered including those with equivalent experiences.
