CrawlJobs Logo

Cyber and Information Security Risk Manager, Senior Vice President

United Kingdom, London · Job Posted May 27, 2026
Apply Position
Job Link Share

Job Description

This role is critical for safeguarding the bank's financial stability and sustained growth by expertly managing Cyber & Information Security risks. The position involves identifying, assessing, measuring, monitoring, and reporting on these risks, ensuring all operations align with the Markets defined risk appetite. This professional provides a comprehensive view of the cyber threat landscape, enabling proactive anticipation, assessment, and mitigation of potential security risks across the Markets Business.

Job Responsibility

  • Proactively identify and assess evolving Cyber & Information Security risks across the business and technology landscape
  • Design and lead strategic initiatives to enhance cyber and information security controls and processes, ensuring alignment with risk appetite
  • Collaborate effectively with business unit leaders and diverse stakeholders to embed robust cyber risk management practices into business operations
  • Partner with 2nd line functions to interpret and apply cyber risk requirements and policies accurately
  • Engage with 3rd line functions to facilitate independent assessments, address findings, and drive resolution of cyber and information security issues
  • Maintain comprehensive oversight of cyber risk posture through continuous monitoring of metrics, activity, and corrective action plan execution
  • Prepare and present clear, concise updates on emerging cyber risks, control effectiveness, and strategic enhancements to senior management and governance committees
  • Ensure rigorous adherence to information security policies and regulatory requirements, including maintaining a robust Manager’s Control Assessment (MCA) for Cyber & Information Security
  • Serve as a primary liaison for all internal and external audit engagements related to Cyber & Information Security
  • Lead and mentor a team focused on cyber risk assessment, regulatory compliance, and efficient reporting and resolution of security-related matters

Requirements

  • Significant progressive experience in Cyber & Information Security Risk Management, IT Risk, Security Compliance, or IT Audit, with significant experience in a financial services environment
  • Demonstrated expertise in identifying, assessing, measuring, monitoring, and reporting on complex cyber and information security risks
  • Proven track record of designing and leading initiatives to enhance security controls and processes
  • Extensive experience collaborating with and managing expectations of diverse stakeholders, including business unit leaders, technical teams, and 2nd and 3rd line functions
  • Strong understanding of evolving cyber threat landscapes, regulatory requirements (e.g., NIST, ISO 27001, GLBA), and industry best practices
  • Proficient in maintaining risk and control frameworks, including Manager’s Control Assessment (MCA), specifically for Cyber & Information Security risks
  • Exceptional communication and presentation skills, with the ability to articulate complex cyber risk concepts and their business impact to senior management and governance committees
  • Ability to act as a primary liaison for all audit and regulatory engagements pertaining to Cyber & Information Security
  • Strong leadership capabilities with experience in leading and mentoring risk management professionals
  • Bachelor's degree required
  • Master's degree or relevant professional certifications (e.g., CISSP, CISM, CRISC) preferred

Nice to have

Master's degree or relevant professional certifications (e.g., CISSP, CISM, CRISC)

What we offer

  • Generous holiday allowance starting at 27 days plus bank holidays
  • increasing with tenure
  • A discretional annual performance related bonus
  • Private medical insurance packages to suit your personal circumstances
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Cyber and Information Security Risk Manager, Senior Vice President

8 matching positions

Cyber and Information Security Risk Manager, Senior Vice President

This role is critical for safeguarding the bank's financial stability and sustai...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in Cyber & Information Security Risk Management, IT Risk, Security Compliance, or IT Audit, with significant experience in a financial services environment
  • Demonstrated expertise in identifying, assessing, measuring, monitoring, and reporting on complex cyber and information security risks
  • Proven track record of designing and leading initiatives to enhance security controls and processes
  • Extensive experience collaborating with and managing expectations of diverse stakeholders, including business unit leaders, technical teams, and 2nd and 3rd line functions (e.g., Information Security Compliance, Operational Risk, Internal Audit, Regulators)
  • Strong understanding of evolving cyber threat landscapes, regulatory requirements (e.g., NIST, ISO 27001, GLBA), and industry best practices
  • Proficient in maintaining risk and control frameworks, including Manager’s Control Assessment (MCA), specifically for Cyber & Information Security risks
  • Exceptional communication and presentation skills, with the ability to articulate complex cyber risk concepts and their business impact to senior management and governance committees
  • Ability to act as a primary liaison for all audit and regulatory engagements pertaining to Cyber & Information Security
  • Strong leadership capabilities with experience in leading and mentoring risk management professionals
  • Bachelor's degree required
Job Responsibility
Job Responsibility
  • Proactively identify and assess evolving Cyber & Information Security risks across the business and technology landscape
  • Design and lead strategic initiatives to enhance cyber and information security controls and processes, ensuring alignment with risk appetite
  • Collaborate effectively with business unit leaders and diverse stakeholders to embed robust cyber risk management practices into business operations
  • Partner with 2nd line functions (e.g., Information Security Compliance, Operational Risk Management) to interpret and apply cyber risk requirements and policies accurately
  • Engage with 3rd line functions (e.g., Internal Audit, Compliance Assurance) to facilitate independent assessments, address findings, and drive resolution of cyber and information security issues
  • Maintain comprehensive oversight of cyber risk posture through continuous monitoring of metrics, activity, and corrective action plan execution
  • Prepare and present clear, concise updates on emerging cyber risks, control effectiveness, and strategic enhancements to senior management and governance committees
  • Ensure rigorous adherence to information security policies and regulatory requirements, including maintaining a robust Manager’s Control Assessment (MCA) for Cyber & Information Security
  • Serve as a primary liaison for all internal and external audit engagements related to Cyber & Information Security
  • Lead and mentor a team focused on cyber risk assessment, regulatory compliance, and efficient reporting and resolution of security-related matters
What we offer
What we offer
  • Generous holiday allowance starting at 27 days plus bank holidays
  • increasing with tenure
  • A discretional annual performance related bonus
  • Private medical insurance packages to suit your personal circumstances
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Fulltime
Read More
Arrow Right

Cyber Risk Senior Officer - Senior Vice President

Location
Location
United States , Irving
Salary
Salary:
156160.00 - 234240.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years relevant experience
  • Practical experience working in, assessing, or challenging security architecture, infrastructure security, network security, cloud security, cyber resilience or data protection
  • Deep knowledge of products within the coverage area, including a technical understanding of current and emerging trends as well as the ability to apply in-depth understanding of the business impacts of technical contributions
  • Experience in cyber risk assessments, metrics, enterprise technology services, risks, and controls within globally complex, dispersed, and diverse organizations
  • In-depth knowledge of cyber risks and controls across various information system architecture and engineering domains including: data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, cyber resilience and third-party management
  • preferred expertise in security architecture, cloud security, and emerging technologies (including Artificial Intelligence and Digital Assets)
  • Subject matter expert in one or more industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of cyber risk mitigation strategies
  • Outstanding communication and influencing skills through all levels of the organization and with external partners and vendors
  • Exceptional relationship management skills
  • must be able to address and resolve conflict while maintaining relationships
Job Responsibility
Job Responsibility
  • Manages internal projects on threat issues that support a variety of participants and stakeholders measuring the effectiveness and comprehensiveness of Citi’s first line defenses
  • Establishes and oversees the application of compliance and cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from cyber risks
  • Independently assesses cyber risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices
  • Leads independent assurance activities to assess areas of concern including substantive and controls testing
  • Monitors, evaluates, and challenges Key Risks and associated Key Risk Indicators triggers and thresholds
  • Also lead discussions with Key Indicator owners on breaches and action steps to correct breaches
  • Identifies potential risks associated with program/project delivery on a technical and detailed level
  • Leads various second line of defense cyber assessments including risk assessments, control assessments, maturity assessments etc
  • Assesses cyber risks associated with new initiatives and programs being proposed for implementation
  • Challenges the design, adequacy and strength of the control environment associated to technology and cyber and recommends actions to ensure the operational risk profile is in line with the cyber risk appetite
What we offer
What we offer
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
Read More
Arrow Right

Cyber / Tech 2nd LOD Senior Lead Analyst, Senior Vice President

The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi...
Location
Location
Poland , Warsaw
Salary
Salary:
340990.00 - 580610.00 PLN / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in technology and cyber risk assessments, metrics, enterprise technology services, risks, and controls within globally complex, dispersed, and diverse organizations
  • Advanced knowledge and experience leading control design and operating effectiveness evaluation, testing, and reporting with a track record of influencing effective risk mitigation strategies
  • Excellent presentation skills as well as the ability to effectively communicate complex topics to a broad audience
  • Advanced proficiency in creating written executive materials and mastery in verbal presentation to Executive audiences
  • Outstanding communication and influencing skills, with the ability connect with individuals throughout all levels of the organization and with external partners and vendors
  • Exceptional relationship management skills, including demonstrable experience managing through conflict and issue resolution with senior stakeholders
  • Proven ability to work within teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology / cyber risk insights to value-add risk mitigation solutions
  • Subject matter expert in one or more industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of technology and cyber risk mitigation strategies
  • Deep knowledge of products within the coverage area (e.g, Markets, Banking), including a technical understanding of current and emerging trends as well as the ability to apply in-depth understanding of the business impacts of technical contributions
  • In-depth knowledge of technology and cyber risks and controls across various information system architecture and engineering domains including data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management
Job Responsibility
Job Responsibility
  • Manages internal projects on threat issues that support a variety of participants and stakeholders measuring the effectiveness and comprehensiveness of Citi’s first line defenses
  • Establishes and oversees the application of compliance and technology and cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from technology and cyber risks
  • Independently assesses technology and cyber risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices
  • Leads independent assurance activities to assess areas of concern including substantive and controls testing
  • Monitors, evaluates, and challenges Key Risks and associated Key Risk Indicators triggers and thresholds
  • Identifies potential risks associated with program/project delivery on a technical and detailed level
  • Leads various second line of defense technology and cyber assessments including risk assessments, control assessments, maturity assessments etc
  • Assesses technology and cyber risks associated with new initiatives and programs being proposed for implementation
  • Challenges the design, adequacy and strength of the control environment associated to technology and cyber and recommends actions to ensure the operational risk profile is in line with the technology and cyber risk appetite
  • Executes ad-hoc activities for the TCCORO organization, including but not limited to: researching and producing materials for presentations of deep dives into selected topics, coordinating deliverables related to audits and examinations, and maintaining associated data for executive reporting
What we offer
What we offer
  • Employer paid Defined Contribution Pension Plan contribution of 6% of employee’s pensionable earnings (PPE Program)
  • Employer paid Private Medical Care Package for employees and Private Medical Care Packages for certain family members available at preferential rates
  • Employer paid Life Insurance Program for employees and Life Insurance for certain family members available at preferential rates
  • Employee Assistance Program financed by Employer
  • Paid Parental Leave Program (maternity and paternity leave
  • statutory and 2 weeks additional paid paternity leave)
  • Sport Card for employees subsidised via Social Benefits Fund and Sport Cards for certain family members available at preferential rates
  • Additional benefits from Company’s Social Benefit Fund, in particular: Holidays Allowance, support for sport and cultural activities, team building events
  • Additional day off for volunteering
  • Cafeteria/ flex benefit
  • Fulltime
Read More
Arrow Right

Email Security Senior Analyst (Vice President)

The Email Security Senior Analyst is responsible for providing expert support an...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent work experience
  • IS Certifications are desired (CISSP, GSEC, GCFA,GREM, Security+, CISA, CISM). Email vendor certifications a plus
  • Strong experience with configuration, administering, troubleshooting email routing and filtering in Exchange, Exchange Online, Proofpoint and other enterprise level email security gateways (such as inbound routes, whitelists, email firewall rules, spam/AV, logging/reporting, TAP, TRAP, domain rewrites, secure messaging and recipient verification)
  • Experience in analyzing domain email activity and deploying SPF, DKIM and DMARC authentication
  • Experience with enterprise phishing defense concepts and technologies
  • Minimum 3+ years working in security engineering or security operations role, with a focus on email security
  • Cross-functional understanding of email operations, security practices and the user experience
  • Highly technical and analytical expertise, with a proven deep background (preferred 5+ years’ IT experience in addition to cybersecurity) in technology design, implementation, and delivery
  • Strong understanding of and demonstrated experience with the tools and sources available to conduct email and threat analysis
  • Ability to identify and develop new processes to address cross-functional and cross-business requirements and implement
Job Responsibility
Job Responsibility
  • Provide expertise and experience to existing and future functions and projects focused on email threats and controls
  • Actively monitor and research cyber threats with a direct or indirect impact to the Citi brand
  • Analyze and provide oversight of analysis of email threats and controls
  • Provide leadership, solution design, and hands-on development support for email security controls
  • Develop and manage processes to track identified incidents to resolution
  • Develop weekly, monthly, quarterly, and annual metrics and reports as needed
  • Develop written analytical reports and give presentations on findings
  • Triage information received from vendors and process that information through previously defined internal workflows
  • Manage third party vendors to ensure proper delivery of services
  • Manage meetings with internal stakeholders to address open issues and identify process improvements
  • Fulltime
Read More
Arrow Right

India Cyber Controls Lead - Senior Vice President

The India Cyber Controls Lead (CCL) is a senior management level position respon...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of relevant experience
  • Demonstrable information security risk knowledge based on working in similar environments and situations
  • Excellent verbal and written communication skills and ability to comfortably interact with senior management as well as external agencies and regulators
  • Advanced Microsoft Office skills
  • Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations
  • Advanced analytical and problem solving skills
  • Consistently demonstrates clear and concise written and verbal communication
  • Proficient in interpreting and applying policies, standards and procedures
  • Demonstrated ability to remain unbiased in a diverse working environment
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Manage a large/complex team or multiple teams, overseeing resources, budget, policy formation and short to medium term planning
  • Manage and support risk and control programs for the organization including working with global teams to effectively deliver quality information security services to businesses in India
  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Perform Business Consulting Activities on IS topics, and ensure Information Security Officer (ISO) consulting services are performed
  • Conduct cost-benefit analysis to justify IS investment, and build the IS team by promoting partnerships, and marketing IS developments
  • Partner with Global Information Security Officers and Global Information Security Program Managers to improve processes and reduce risk
  • Ensure risks are identified, assessed, mitigated and controlled, and assist Security Incident Response Teams as the Business IS Consultant
  • Ensure Control Preparedness and control effectiveness, as part of the Audit preparedness exercise, ensuring IS programs are audit ready
  • Manage critical regulatory interactions and assessments making optimum use of available resources
  • Ensure CISO presence in appropriate country forums and conduct regulatory required meetings and discussions
  • Fulltime
Read More
Arrow Right

Assistant Vice President – Third Party Risk Oversight specialist - TPRO - Consumer Credit Risk

The AVP – Third party risk oversight role is responsible for owning and enhancin...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in Risk management, third-party risk, vendor risk/management or credit risk with a large financial institution
  • US banking regulatory expectations
  • Prior experience operating with consumer credit risk or closely related risk domains
  • Extensive background in managing critical suppliers and regulated third-party relationships
  • Experience active as a risk/process oversight owner or leading risk platforms, frameworks, or governance models
  • Bachelor’s degree in related fields
  • Working knowledge of Vendor relationship management / Vendor risk management/ TPRO
  • Growth mindset with ability to balance risk, compliance and business enablement
  • Excellent stakeholder management and executive communication skills
  • Ability to challenge vendors and internal partners constructively
Job Responsibility
Job Responsibility
  • Product ownership and strategy: Own the end-to-end product vision for third-party risk oversight tools, processes, and controls within consumer credit risk
  • Own the TPRO vision, roadmap, and backlog, ensuring alignment with Citi risk policies and enterprise standards
  • Translate regulatory guidance, Citi policies, and risk requirements into User stories, controls, and functional requirements into scalable risk oversight solutions
  • Prioritize initiatives based on risk severity, regulatory commitments and business impact
  • Third-party Risk oversight: Oversee risk assessment lifecycle for third-party vendors, including: Inherent risk assessments, Due diligence (financial, operations, cyber, data privacy, model risk), Ongoing monitoring and periodic reviews
  • Ensure critical and high- risk vendors undergo enhanced oversight and governance
  • Maintain a risk-tiered vendor inventory aligned with consumer credit risk exposure
  • Supplier and contract management: Ensure supplier contracts meet regulatory, risk and control standard, including: SLAs, KPI, audit and access rights, data protection, information security, confidentiality, BCP/DR (business continuity planning/ Disaster recover), subcontractor and fourth-party controls
  • Track contract milestones, renewals, terminations and renegotiations
  • Proactively identify contracts nearing expirations and drive timely renewals or exit strategies
  • Fulltime
Read More
Arrow Right

Vice President, Information Technology

Phillip Jeffries is looking for a leader to join our IT Team! We are seeking a V...
Location
Location
United States , Fairfield
Salary
Salary:
200000.00 - 215000.00 USD / Year
phillipjeffries.com Logo
Phillip Jeffries Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must be based in New Jersey (or able to work on-site 4 days per week at our Fairfield, NJ headquarters)
  • 10+ years of progressive leadership experience in enterprise technology within a global organization
  • Demonstrated ownership of technology investment portfolios, including budget accountability, prioritization, and ROI realization
  • Experience operating in both centralized and decentralized organizational models
  • Proven track record deploying and overseeing cybersecurity programs in a multi-site, international environment with 400+ employees
  • Hands-on leadership exposure to: Enterprise platforms such as ERP, CRM, WMS, marketing automation, and Microsoft Office
  • Custom development and system integration
  • Enterprise-level cybersecurity governance and incident readiness
  • Proven ability to operate as a strategic business partner, not simply a service provider
  • Executive presence with the ability to independently present strategy, budgets, tradeoffs, and outcomes to ownership
Job Responsibility
Job Responsibility
  • Build and evolve a high-performing global technology organization that supports a growing, international business
  • Recruit, develop, and retain strong senior leaders and high-impact individual contributors
  • Design and continuously refine team structures, roles, and career paths as the organization matures
  • Serve as a coach and mentor while staying close enough to execution to maintain credibility
  • Ensure every role within IT has a clear development plan aligned to long-term growth
  • Own and maintain a multi-year enterprise technology roadmap aligned to company growth, operational leverage, and risk posture
  • Directly control technology budgets, headcount planning, and vendor strategy
  • Shape investment decisions by initiating high-impact opportunities, rejecting low-value initiatives, and sequencing work to balance speed, capacity, and risk
  • Design governance models that support experimentation through pilots, staged funding, and clear decision gates
  • Serve as the enterprise owner of cyber risk and technology risk posture
What we offer
What we offer
  • Company bonus program
  • Annual Cost of Living Increase
  • Retirement Plan - company automatically contributes approximately 10% of your annual compensation
  • Medical Coverage – low cost to the employee ($40 per month)
  • Spouse/ Domestic Partner/ Civil Union Partner Coverage
  • Family Coverage
  • Health Reimbursement Account (HRA)
  • Prescription Plan
  • Dental and vision coverage
  • Tax advantages through Flexible Spending Accounts that allow you to pay for specific healthcare and dependent care expenses with pre-tax dollars
  • Fulltime
Read More
Arrow Right

Vice President, Technology Risk Management

Our Purpose Mastercard powers economies and empowers people in 200+ countries an...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven ability to create outcomes or timely escalations with options, someone who rejects drift
  • Can lead teams – attracting, engaging, and retaining talent. Minimises friction and can develop people
  • Breadth and depth of cyber security achievements in a highly regulated environment
  • Experience dealing with matrix organisations, ideally including large multinationals
  • Experience presenting to, and working with senior partners in regulators, boards and customer organisations
  • Able to simplify data, and to distil messages to create compelling accurate narratives for stakeholders of all seniorities
  • Able to work closely with risk and audit colleagues to deliver relevant and high value-add assurance
  • Track record of embedding security controls in a complex organisation, managing competing demands to drive down aggregate residual risk
  • Strong influencing skills
  • organizationally savvy
Job Responsibility
Job Responsibility
  • Attract and retain a high-performing team of cyber professionals across the whole security team - engaging and developing our talent
  • Lead on the management and reporting of Cyber Risk for the firm, running the key governance committee (a sub committee of the firm's ExCo)
  • Lead on the design and production of all cyber MI for the firm, informing our board, customers, and regulators of our posture and residual risks – in many fora this role is the face of security
  • Mature our nascent threat modelling and residual-risk quantification techniques
  • Design & deliver regular reports to the board, the Executive Committee, customers, often with in-person presentations including Q&A
  • Play a leading role in the security leadership team alongside technical specialists, delivering our overall strategy and operation
  • Deputise for the Business Security Officer in internal, customer- and regulator-facing situations when necessary
  • Lead on implementing cyber security policies and procedures to minimize risk exposure and drive control maturity
  • Co-ordinate 1LOD activities around certifications such as PCI, SWIFT, ISO270001, ISAE3402, etc.
  • Act as a central point of co-ordination for all assurance activities, working with 2LOD, 3LOD, and the 1LOD controls office
  • Fulltime
Read More
Arrow Right