CrawlJobs Logo
Citi Logo Citi · IT - Administration

Cyber and Information Security Risk Manager, Senior Vice President

United Kingdom, Belfast · Job Posted March 19, 2026
Apply Position
Job Link Share

Job Description

This role is critical for safeguarding the bank's financial stability and sustained growth by expertly managing Cyber & Information Security risks. The position involves identifying, assessing, measuring, monitoring, and reporting on these risks, ensuring all operations align with the Markets defined risk appetite. This professional provides a comprehensive view of the cyber threat landscape, enabling proactive anticipation, assessment, and mitigation of potential security risks across the Markets Business.

Job Responsibility

  • Proactively identify and assess evolving Cyber & Information Security risks across the business and technology landscape
  • Design and lead strategic initiatives to enhance cyber and information security controls and processes, ensuring alignment with risk appetite
  • Collaborate effectively with business unit leaders and diverse stakeholders to embed robust cyber risk management practices into business operations
  • Partner with 2nd line functions (e.g., Information Security Compliance, Operational Risk Management) to interpret and apply cyber risk requirements and policies accurately
  • Engage with 3rd line functions (e.g., Internal Audit, Compliance Assurance) to facilitate independent assessments, address findings, and drive resolution of cyber and information security issues
  • Maintain comprehensive oversight of cyber risk posture through continuous monitoring of metrics, activity, and corrective action plan execution
  • Prepare and present clear, concise updates on emerging cyber risks, control effectiveness, and strategic enhancements to senior management and governance committees
  • Ensure rigorous adherence to information security policies and regulatory requirements, including maintaining a robust Manager’s Control Assessment (MCA) for Cyber & Information Security
  • Serve as a primary liaison for all internal and external audit engagements related to Cyber & Information Security
  • Lead and mentor a team focused on cyber risk assessment, regulatory compliance, and efficient reporting and resolution of security-related matters

Requirements

  • 10+ years of progressive experience in Cyber & Information Security Risk Management, IT Risk, Security Compliance, or IT Audit, with significant experience in a financial services environment
  • Demonstrated expertise in identifying, assessing, measuring, monitoring, and reporting on complex cyber and information security risks
  • Proven track record of designing and leading initiatives to enhance security controls and processes
  • Extensive experience collaborating with and managing expectations of diverse stakeholders, including business unit leaders, technical teams, and 2nd and 3rd line functions (e.g., Information Security Compliance, Operational Risk, Internal Audit, Regulators)
  • Strong understanding of evolving cyber threat landscapes, regulatory requirements (e.g., NIST, ISO 27001, GLBA), and industry best practices
  • Proficient in maintaining risk and control frameworks, including Manager’s Control Assessment (MCA), specifically for Cyber & Information Security risks
  • Exceptional communication and presentation skills, with the ability to articulate complex cyber risk concepts and their business impact to senior management and governance committees
  • Ability to act as a primary liaison for all audit and regulatory engagements pertaining to Cyber & Information Security
  • Strong leadership capabilities with experience in leading and mentoring risk management professionals
  • Bachelor's degree required
  • Master's degree or relevant professional certifications (e.g., CISSP, CISM, CRISC) preferred

What we offer

  • Generous holiday allowance starting at 27 days plus bank holidays
  • increasing with tenure
  • A discretional annual performance related bonus
  • Private medical insurance packages to suit your personal circumstances
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
Citi - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Cyber and Information Security Risk Manager, Senior Vice President

8 matching positions

New

Cyber and Information Security Risk Manager, Senior Vice President

This role is critical for safeguarding the bank's financial stability and sustai...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant progressive experience in Cyber & Information Security Risk Management, IT Risk, Security Compliance, or IT Audit, with significant experience in a financial services environment
  • Demonstrated expertise in identifying, assessing, measuring, monitoring, and reporting on complex cyber and information security risks
  • Proven track record of designing and leading initiatives to enhance security controls and processes
  • Extensive experience collaborating with and managing expectations of diverse stakeholders, including business unit leaders, technical teams, and 2nd and 3rd line functions
  • Strong understanding of evolving cyber threat landscapes, regulatory requirements (e.g., NIST, ISO 27001, GLBA), and industry best practices
  • Proficient in maintaining risk and control frameworks, including Manager’s Control Assessment (MCA), specifically for Cyber & Information Security risks
  • Exceptional communication and presentation skills, with the ability to articulate complex cyber risk concepts and their business impact to senior management and governance committees
  • Ability to act as a primary liaison for all audit and regulatory engagements pertaining to Cyber & Information Security
  • Strong leadership capabilities with experience in leading and mentoring risk management professionals
  • Bachelor's degree required
Job Responsibility
Job Responsibility
  • Proactively identify and assess evolving Cyber & Information Security risks across the business and technology landscape
  • Design and lead strategic initiatives to enhance cyber and information security controls and processes, ensuring alignment with risk appetite
  • Collaborate effectively with business unit leaders and diverse stakeholders to embed robust cyber risk management practices into business operations
  • Partner with 2nd line functions to interpret and apply cyber risk requirements and policies accurately
  • Engage with 3rd line functions to facilitate independent assessments, address findings, and drive resolution of cyber and information security issues
  • Maintain comprehensive oversight of cyber risk posture through continuous monitoring of metrics, activity, and corrective action plan execution
  • Prepare and present clear, concise updates on emerging cyber risks, control effectiveness, and strategic enhancements to senior management and governance committees
  • Ensure rigorous adherence to information security policies and regulatory requirements, including maintaining a robust Manager’s Control Assessment (MCA) for Cyber & Information Security
  • Serve as a primary liaison for all internal and external audit engagements related to Cyber & Information Security
  • Lead and mentor a team focused on cyber risk assessment, regulatory compliance, and efficient reporting and resolution of security-related matters
What we offer
What we offer
  • Generous holiday allowance starting at 27 days plus bank holidays
  • increasing with tenure
  • A discretional annual performance related bonus
  • Private medical insurance packages to suit your personal circumstances
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Fulltime
Read More
Arrow Right

India Cyber Controls Lead - Senior Vice President

The India Cyber Controls Lead (CCL) is a senior management level position respon...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of relevant experience
  • Demonstrable information security risk knowledge based on working in similar environments and situations
  • Excellent verbal and written communication skills and ability to comfortably interact with senior management as well as external agencies and regulators
  • Advanced Microsoft Office skills
  • Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations
  • Advanced analytical and problem solving skills
  • Consistently demonstrates clear and concise written and verbal communication
  • Proficient in interpreting and applying policies, standards and procedures
  • Demonstrated ability to remain unbiased in a diverse working environment
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Manage a large/complex team or multiple teams, overseeing resources, budget, policy formation and short to medium term planning
  • Manage and support risk and control programs for the organization including working with global teams to effectively deliver quality information security services to businesses in India
  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Perform Business Consulting Activities on IS topics, and ensure Information Security Officer (ISO) consulting services are performed
  • Conduct cost-benefit analysis to justify IS investment, and build the IS team by promoting partnerships, and marketing IS developments
  • Partner with Global Information Security Officers and Global Information Security Program Managers to improve processes and reduce risk
  • Ensure risks are identified, assessed, mitigated and controlled, and assist Security Incident Response Teams as the Business IS Consultant
  • Ensure Control Preparedness and control effectiveness, as part of the Audit preparedness exercise, ensuring IS programs are audit ready
  • Manage critical regulatory interactions and assessments making optimum use of available resources
  • Ensure CISO presence in appropriate country forums and conduct regulatory required meetings and discussions
  • Fulltime
Read More
Arrow Right

Assistant Vice President – Third Party Risk Oversight specialist - TPRO - Consumer Credit Risk

The AVP – Third party risk oversight role is responsible for owning and enhancin...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in Risk management, third-party risk, vendor risk/management or credit risk with a large financial institution
  • US banking regulatory expectations
  • Prior experience operating with consumer credit risk or closely related risk domains
  • Extensive background in managing critical suppliers and regulated third-party relationships
  • Experience active as a risk/process oversight owner or leading risk platforms, frameworks, or governance models
  • Bachelor’s degree in related fields
  • Working knowledge of Vendor relationship management / Vendor risk management/ TPRO
  • Growth mindset with ability to balance risk, compliance and business enablement
  • Excellent stakeholder management and executive communication skills
  • Ability to challenge vendors and internal partners constructively
Job Responsibility
Job Responsibility
  • Product ownership and strategy: Own the end-to-end product vision for third-party risk oversight tools, processes, and controls within consumer credit risk
  • Own the TPRO vision, roadmap, and backlog, ensuring alignment with Citi risk policies and enterprise standards
  • Translate regulatory guidance, Citi policies, and risk requirements into User stories, controls, and functional requirements into scalable risk oversight solutions
  • Prioritize initiatives based on risk severity, regulatory commitments and business impact
  • Third-party Risk oversight: Oversee risk assessment lifecycle for third-party vendors, including: Inherent risk assessments, Due diligence (financial, operations, cyber, data privacy, model risk), Ongoing monitoring and periodic reviews
  • Ensure critical and high- risk vendors undergo enhanced oversight and governance
  • Maintain a risk-tiered vendor inventory aligned with consumer credit risk exposure
  • Supplier and contract management: Ensure supplier contracts meet regulatory, risk and control standard, including: SLAs, KPI, audit and access rights, data protection, information security, confidentiality, BCP/DR (business continuity planning/ Disaster recover), subcontractor and fourth-party controls
  • Track contract milestones, renewals, terminations and renegotiations
  • Proactively identify contracts nearing expirations and drive timely renewals or exit strategies
  • Fulltime
Read More
Arrow Right

Vice President, ISO Lead Analyst, Technology

The Information Security Operations (ISO) Lead Analyst is a senior level profess...
Location
Location
Japan , Chiyoda, Tokyo
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of relevant experience
  • Proficient in interpreting and applying policies, standards and procedures
  • Consistently demonstrates clear and concise written and verbal communication both in English and Japanese
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
  • Professional certifications such as CISSP, CISM, CCSP, CISA, etc. preferred
  • Business-level English proficiency for communicating with global peers
  • Communicate proficiently in Japanese with regulatory and law enforcement authorities, local businesses, and vendors
Job Responsibility
Job Responsibility
  • Support the implementation of the IS Training Plan, by verifying training participants completed the training and understand IS requirements
  • Coordinate with cross-functional Operations and Technology (O&T) counterparts and teams to improve O&T risk oversight
  • Provide recommendations on IS aspects of projects and assess/report Corrective Action Plans to improve IS programs and initiatives
  • Escalate significant risks to the Regional/Sector IS Leadership for information or required actions
  • Attend and participate in internal/external IS forums and risk committees when necessary
  • Improve processes, by removing deficiencies and enhancing current tools that reduce an overall risk profile
  • Ensure security practices/standards compliance and reduce security risks through enhancing controls and minimizing weaknesses in Citi’s applications portfolio
  • Ensure audits are passed with a satisfactory audit rating for all IS topics
  • Ensure non-compliant items are resolved through coordination with Business Manager and business staff
  • Support the Global Information Security (GIS) policies, standards, and initiatives development and implementation
  • Fulltime
Read More
Arrow Right

Vice-President, Information Technology

The Vice President, Information Technology (VP, IT) is a key executive responsib...
Location
Location
Canada , Etobicoke
Salary
Salary:
Not provided
woodbine.com Logo
Woodbine Entertainment Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10–15 years of experience in IT, including 5+ years in senior leadership roles
  • Broad technology expertise across IT Operations, Support, Cyber Security, Product Management, and Data
  • Bachelor’s degree in Computer Science, Information Systems, or related field (or equivalent experience)
  • Proven experience developing and executing technology strategies aligned with business goals
  • Demonstrated success leading large teams, complex projects, and enterprise‑wide transformations
  • Strong communication, stakeholder management, and relationship‑building skills with the ability to simplify complex technical concepts
  • Experience managing technology budgets and resource planning
  • Demonstrated ability to drive innovation while maintaining operational excellence
Job Responsibility
Job Responsibility
  • Build multi‑year technology strategies for IT Operations, Support, Cyber Security, Product Management, Data & Integration
  • Identify and integrate emerging technologies
  • Represent IT strategy and performance to executive leadership
  • Lead the day‑to‑day operations of technology
  • Oversee infrastructure, network, cloud operations, and enterprise applications
  • Own and manage the technology budget
  • Establish strong governance frameworks
  • Monitor and optimize IT service delivery performance
  • Build, implement, and evolve a multi‑year Cyber Security Strategy
  • Ensure robust risk management practices
  • Fulltime
Read More
Arrow Right

Data Privacy Senior Analyst - Assistant Vice President

The Data Privacy Sr Analyst is responsible for providing governance and oversigh...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • Demonstrates Data Privacy, Data Privacy Operations, Information Security or Cyber related risk management or minimum two years in an Internal Audit, Risk Management, or Control Management related role
  • Working knowledge of Data Privacy Compliance laws, rules, regulations, risks, and appropriate controls
  • Strong project management skills
  • Ability to anticipate and balance the needs of multiple stakeholders
  • Ability to communicate effectively
  • Risk-based thinking and analytical mindset
  • Ability to build rapport and work closely with stakeholders
  • Up-to-date understanding of key Data Privacy risk and control concepts, tools and trends
  • Proficient in the use of basic Microsoft applications (Word, Excel, PowerPoint)
Job Responsibility
Job Responsibility
  • Complete the Privacy Impact Assessment (PIA) process and controls required for all initiatives, new products and services
  • Assess, evaluate, and validate controls through processes and tools such as the MCA and KRIs as appropriate for data privacy risk
  • Support the product heads, function heads, COOs and In Business Risk team on gap analysis and the implementation of global policy requirements and regional standards
  • Support periodic reviews of the Business’s data privacy processes and control and validate changes as a result of such reviews
  • Track and review deviations and risk acceptances when raised and at the time of renewal
  • Follow Escalation Policy and procedures to ensure effective escalation and socialization of material risk events and issues across businesses for any Data Privacy related items
  • Escalate material risk events and issues appropriately
  • Assist business in creation of Issues/CAPs related to Data Privacy as needed
  • Support the Business and Functions on reviews and audits on Data Privacy
  • Work with Global In-Business Regulatory head on all reviews and audits to ensure appropriate preparation, pre-review assessments and post-review remediation
  • Fulltime
Read More
Arrow Right

Email Security Senior Analyst (Vice President)

The Email Security Senior Analyst is responsible for providing expert support an...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent work experience
  • IS Certifications are desired (CISSP, GSEC, GCFA,GREM, Security+, CISA, CISM). Email vendor certifications a plus
  • Strong experience with configuration, administering, troubleshooting email routing and filtering in Exchange, Exchange Online, Proofpoint and other enterprise level email security gateways (such as inbound routes, whitelists, email firewall rules, spam/AV, logging/reporting, TAP, TRAP, domain rewrites, secure messaging and recipient verification)
  • Experience in analyzing domain email activity and deploying SPF, DKIM and DMARC authentication
  • Experience with enterprise phishing defense concepts and technologies
  • Minimum 3+ years working in security engineering or security operations role, with a focus on email security
  • Cross-functional understanding of email operations, security practices and the user experience
  • Highly technical and analytical expertise, with a proven deep background (preferred 5+ years’ IT experience in addition to cybersecurity) in technology design, implementation, and delivery
  • Strong understanding of and demonstrated experience with the tools and sources available to conduct email and threat analysis
  • Ability to identify and develop new processes to address cross-functional and cross-business requirements and implement
Job Responsibility
Job Responsibility
  • Provide expertise and experience to existing and future functions and projects focused on email threats and controls
  • Actively monitor and research cyber threats with a direct or indirect impact to the Citi brand
  • Analyze and provide oversight of analysis of email threats and controls
  • Provide leadership, solution design, and hands-on development support for email security controls
  • Develop and manage processes to track identified incidents to resolution
  • Develop weekly, monthly, quarterly, and annual metrics and reports as needed
  • Develop written analytical reports and give presentations on findings
  • Triage information received from vendors and process that information through previously defined internal workflows
  • Manage third party vendors to ensure proper delivery of services
  • Manage meetings with internal stakeholders to address open issues and identify process improvements
  • Fulltime
Read More
Arrow Right

Principal Analyst, Control Testing, Certification and Assurance

The newly created 1st Line Control Office function within Vocalink Limited (VLL)...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding and experience of working with control frameworks and standards (e.g. ISO27001, NIST, CRI, or PCI DSS)
  • Strong understanding and experience of conducting security related audits/reviews and managing/coordinating external audits including certification audits
  • Experience of resolving varied and complex certification and assurance issues
  • Knowledge and experience of all areas of security and IT general controls across a variety of platforms and environments
  • Proven experience in control testing or assurance within security in a regulated environment
  • Strong investigative and analytical experience (e.g. enquiry, scanning, analysis, interviewing, testing), problem-solving, and decision-making skills
  • Experience collaborating cross-functionally to identify and implement good practice security audit management and assurance processes
  • Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities
  • Excellent communication and stakeholder engagement skills
  • Experience of managing and coaching junior team members
Job Responsibility
Job Responsibility
  • Lead and manage external audits for technical standards, e.g. PCI DSS and PCI PIN
  • Support the Vice President and Director of Certification and Assurance in the development and maintenance of the annual Control Testing, Certification and Assurance plan
  • Supporting and deputising for the Director of Certification and Assurance in the discharge of their responsibilities, as required
  • Provide strategic input into the evolution and continuous improvement of Certification and Assurance team processes and procedures
  • Maintain certification related documentation
  • Prepare and lead the organisation for annual certification audits
  • Lead the assessment and validation of controls and processes against a variety of security standards and obligations
  • Lead the team on the management of certifications, (e.g., ISO27001, PCI DSS) and assurance activities (e.g., ISAE3000)
  • Conduct periodic testing of key and non-key controls in line with the Control Testing Methodology
  • Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations
  • Fulltime
Read More
Arrow Right