CrawlJobs Logo

Cyber Controls Lead Analyst / Business Risk Officer

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Singapore , Singapore

Category Icon
Category:
-

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Business Risk Officer is a strategic professional who stays abreast of developments within own field and contributes to directional strategy. Recognized technical authority for an area within the business, with significant influence and impact through complex deliverables.

Job Responsibility:

  • Responsible for managing and supporting multiple risk and control programs for the organization including defining the strategy, approach, processes, quality, tools and reporting that provide global risk management consistency and excellence
  • Establishes quarterly audit process of attributes to ensure proper calculation and control
  • Works closely with business partners on findings and makes recommendations on improving practices
  • Develops procedural implementation and change management process with Operations and Reporting team to ensure proper governance and controls exist
  • Examines procedures for consistency and gaps relative to regulations in addition to impacts on customer experience
  • Conducts internal testing of dispute processes to ensure control
  • Monitors exceptions to dispute policy and identifies drivers of exceptions
  • Leverages data to examine impacts to Customer Experience and Regulatory breaks
  • Has the ability to operate with a limited level of direct supervision
  • Can exercise independence of judgement and autonomy
  • Acts as SME to senior stakeholders and/or other team members
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Requirements:

  • 6-10 years relevant work experience in Business Risk & Controls
  • MS Excel, MS Access, SAS, SQL, Visual Basic a plus
  • 5+ years’ experience in financial services
  • Consistently demonstrates clear and concise written and verbal communication skills
  • Effective organizational influencing skills required
  • Third party vendor management preferred
  • Demonstrated ability to lead global team efforts
  • Excellent problem solving skills
  • Ability to see the big pictures with high attention to critical details
  • Demonstrated ability to develop and implement strategy and process improvement initiatives.

Nice to have:

  • Relevant Cyber Security certifications e.g. CISA/CISM/CRISC/CISSP
  • Third party vendor management preferred.

Additional Information:

Job Posted:
March 22, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cyber Controls Lead Analyst / Business Risk Officer

Cyber Manager's Control Assessment (MCA) Lead Analyst

This role will report to the Cybersecurity MCA Group Manager, responsible for pr...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Have at least 8+ years of relevant experience
  • Experience in Manager’s Control Assessment (MCA), Operational Risk, Information Security, Cybersecurity, Risk Management, and/or Governance, Risk and Control (GRC)
  • Risk Management, Cybersecurity, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)
  • Proven experience in implementing sustainable solutions and improving processes
  • Bring creative approaches to help us drive value for clients
  • Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
  • Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)
  • Knowledge of data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI
  • Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus
  • Fluent in English (ability to read, write, and speak)
Job Responsibility
Job Responsibility
  • Manage the planning, coordination, and execution of MCA Transformation program for CISO
  • Drive MCA best practices, transformation, and execution consistency across business/functions
  • Lead efforts in Global Process MCA Profiles (GPMPs) and Continuous Risk Management (CRM) for CISO
  • Gain expert-level knowledge of MCA Standard, Procedure, and tools to support future-state MCA
  • Support CISO Business Processes, Control Owners, and Global Assessment Unit (GAU) Owners in their responsibilities related to MCA execution
  • Identify and document key controls necessary for mitigation of cybersecurity risk
  • Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points
  • Partner with CISO’s Enterprise Architecture Methodology (EAM) Lead team by which taxonomies and processes interlink with each other, establishing a multifaceted matrix to inform decision-making and simplification
  • Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders
  • Actively manage relationships with CISO business partners and risk management teams to achieve sustained success
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Senior IT Risk Analyst

Berkshire Hathaway Specialty Insurance (BHSI) has an exciting opportunity for a ...
Location
Location
United States , Boston
Salary
Salary:
95000.00 - 125000.00 USD / Year
bhspecialty.com Logo
Berkshire Hathaway Specialty Insurance
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of experience in IT risk, IT audit/compliance, or cyber GRC
  • Experience running RCSAs, defining KRIs/KPIs, and presenting risk insights to senior stakeholders
  • Strong documentation skills, including writing risk narratives, control designs, control matrices, testing procedures, and remediation plans
  • Effective communication and partnership skills
  • able to challenge constructively and receive challenge professionally
  • Experience conducting vendor risk reviews, including SOC 2 analysis, control gap identification, and remediation follow‑up
  • Solid background knowledge of major risk and control frameworks (Technology, Cyber, Enterprise), such as NIST CSF, COSO ERM, COBIT, etc.
  • Working knowledge of U.S. IT regulations (e.g., SOX, CCPA/CPRA, PCI, NY‑DFS) is recommended
  • Ability to work in a team-based environment and communicate effectively and efficiently with others domestically and globally
Job Responsibility
Job Responsibility
  • Lead risk identification, risk assessment, and ongoing monitoring
  • maintain the IT risk register and ensure risks map to business objectives and risk appetite/tolerances
  • Drive Risk and Control Self‑Assessments (RCAs) with different risk and control owners
  • advise on control design for identity & access, change/release, resiliency/DR, cloud security, data protection, and vulnerability management
  • Define and socialize KRIs/KPIs, risk dashboards, trends, and heat maps
  • deliver clear status to Technology leadership, and key stakeholders
  • Partner with Vendor Risk Management Team to evaluate critical vendors (including AI‑enabled services), review SOC reports/certifications, assess control gaps, and track remediation/compensating controls through closure
  • Track risk issues, action plans, and target dates
  • validate remediation and retest where needed
  • participate in lessons‑learned and scenario exercises
What we offer
What we offer
  • Comprehensive Health, Dental and Vision benefits
  • Disability Insurance (both short-term and long-term)
  • Life Insurance (for you and your family)
  • Accidental Death & Dismemberment Insurance (for you and your family)
  • Flexible Spending Accounts
  • Health Reimbursement Account
  • Employee Assistance Program
  • Retirement Savings 401(k) Plan with Company Match
  • Generous holiday and Paid Time Off
  • Tuition Reimbursement
  • Fulltime
Read More
Arrow Right

Operational Risk Review Lead Analyst

Operational Risk Review Lead Analyst – Technology. The Operational Risk Review (...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
usbank.com Logo
U.S. Bank National Association
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree, or equivalent work experience
  • Seven to ten years of applicable experience
  • Advanced knowledge of technology, systems, data governance, cyber and / or information security risks as well as industry trends that impact Bank operations
  • Advanced Risk, Compliance, and Audit competencies
  • Advanced understanding of the business line’s operations, products, services, systems, and associated risks
  • Strong business acumen and credibility to help business line(s) proactively identify and address risks
  • Strong process facilitation, project management, and analytical skills
  • Excellent presentation, interpersonal, written, and verbal communication skills
  • Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications and word processing, spreadsheets, databases, and presentations
Job Responsibility
Job Responsibility
  • Administration and execution of testing activities within Independent Risk Review Assessment (IRRA)
  • Evaluate processes and controls to ensure effective risk management framework
  • Confirm compliance with internal policies applicable laws and regulations related to technology, data governance, resiliency, cyber, AI, system and information security
  • Identify control and process weaknesses through design assessments and testing activities
  • Partner with the business line and Risk Management groups to recommend and influence solutions that mitigate operational risks
  • Effective verbal communication of testing results to the Manager
  • Draft well written reports
  • Respond to and/or escalate significant risks as appropriate
  • Provide oversight, coaching, feedback, etc. specific to the work completed by supporting Analysts
What we offer
What we offer
  • Exciting, fast-paced and diverse working environment
  • Benefits to help you protect your health and financial security
  • Development resources for career growth
  • Fulltime
Read More
Arrow Right

Operational Risk Review Analyst

The Operational Risk Review (ORR) Technology Analyst (“Analyst”) is responsible ...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
usbank.com Logo
U.S. Bank National Association
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree, or equivalent work experience
  • Typically more than five years of applicable experience
  • Basic or intermediate knowledge of technology, systems, data governance, cyber and / or information security risks as well as industry trends that impact Bank operations
  • Basic or intermediate Risk, Compliance, and Audit competencies
  • Solid understanding of the business line’s operations, products, services, systems, and associated risks
  • Solid business acumen and credibility to help business line(s) proactively identify and address risks
  • Average process facilitation, project management, and analytical skills
  • Average presentation, interpersonal, written, and verbal communication skills
  • Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications and word processing, spreadsheets, databases, and presentations
  • Applicable professional certifications (e.g., CISA, GSNA, CISSP, CRISC, CIA) are preferred
Job Responsibility
Job Responsibility
  • Execution of testing activities within Independent Risk Review Assessment (IRRA)
  • Evaluate processes and controls to ensure effective risk management framework
  • Test execution within projects and activities that confirm compliance with internal policies applicable laws and regulations related to technology, data governance, resiliency, cyber, AI, system and information security
  • Identification of control and process weaknesses through design assessments and testing activities
  • Work with the ORR Technology Manager to partner with the business line and Risk Management groups to recommend and influence solutions that mitigate operational risks
  • Effective verbal communication of testing results to the ORR Technology Lead Analyst and/or Technology Manager
  • Responding to and/or escalating significant risks as appropriate
What we offer
What we offer
  • Exciting, fast-paced and diverse working environment with employees of many different nationalities
  • Benefits to help you protect your health and financial security
  • Peace of mind
  • Career growth with development resources that give you the opportunity to stretch and shine
  • Fulltime
Read More
Arrow Right

Data Transfer Office Senior Analyst – Governance and Controls

The Data Transfer Office Senior Analyst – Governance and Controls will be respon...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4-6 years of relevant experience in Data Privacy, Data Privacy Operations, Information Security or Cyber related risk management or in an Internal Audit, Risk Management, or Control Management related role
  • Working knowledge of Data Privacy Compliance laws, rules, regulations, risks, and appropriate controls
  • Familiarity with privacy related technology considerations such as cookies, mobile devices, biometrics and geolocation data is desired
  • Fluency in English
  • Knowing the most effective and efficient processes to get things done, with a focus on continuous improvement
  • Ability to anticipate and balance the needs of multiple stakeholders, while monitoring tight deadlines or unexpected requirement changes
  • Ability to communicate effectively
  • Strong project management skills
  • Risk-based thinking and analytical mindset
  • Up-to-date understanding of key Data Privacy risk and control concepts, tools and trends
Job Responsibility
Job Responsibility
  • Develop and maintain the data transfer governance framework and associated internal controls
  • Monitor the effectiveness of controls, conduct thematic issue reviews, manage Data Transfer Oversight (DTO) issues, and assess data transfer risks
  • Liaise with internal and external stakeholders, lead audit preparedness activities, and engage key business units on data governance matters
  • Support the development and preparation of materials for the Enterprise Data Transfer Forum
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Avp-analyst (digital finance & artificial intelligence risk management)

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s o...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
moodys.com Logo
Moody's
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 9+ years of experience, including 5+ years in technology governance, risk, and control, covering self assessments, control evaluation, and regulatory compliance within financial services, with a strong focus on AI and digital finance
  • Broad technology experience across digital finance, AI, data, and large scale systems, operating in highly regulated, global environments with significant complexity
  • Hands on experience with GRC platforms (e.g., OpenPages or similar) and strong proficiency with the Microsoft Office suite
  • Proven ability to navigate product and tool development, particularly at the intersection of technology and data, partnering closely with engineering and business teams
  • Strong stakeholder management skills, building and sustaining effective relationships between business, technology, risk, and compliance stakeholders
  • Demonstrated capability to evaluate and prioritize strategic initiatives, balancing competing stakeholder needs and driving alignment across AI, digital finance, technology, and data priorities
  • Highly effective, independent contributor with strong analytical thinking, communication skills, adaptability, and experience leading or contributing to large, cross functional global initiatives
  • Master’s or Bachelor’s in a technology discipline (Computer Science, Information Management, Computer Engineering, Cyber Security or equivalent)
  • Relevant certification is desirable, e.g., CISSP, CISM, CISA. Working knowledge of Risk Management life cycles based on established frameworks: NIST, ORX, ISO 27001
Job Responsibility
Job Responsibility
  • Implement and maintain risk controls for digital finance and AI processes as first line of defense (1LOD) for Digital Economy team
  • Identify, assess, and mitigate operational and technology risks across AI models, platforms, and digital finance tools
  • Collaborate with business units to embed risk management practices into day-to-day operations and ensure compliance with governance standards
  • Maintain complete, accurate, and timely documentation of controls, RCSAs, mitigation plans, and all risk activities within GRC tools to support effective monitoring and reporting
  • Monitor emerging AI and digital finance risks, escalate issues promptly, and drive timely remediation actions
  • Develop and track Key Risk Indicators (KRIs) and ensure adherence to tolerance levels
  • Support risk governance through committee reporting and by maintaining policies and procedures aligned with enterprise risk, regulatory, and compliance requirements
  • Provide training and guidance to business teams on AI and digital finance risk management practices
  • Partner with technology and vendor teams to manage risks related to platforms, models, third party dependencies, and data usage
  • Drive continuous improvement of risk processes, reducing complexity while enhancing efficiency, scalability, and control effectiveness
Read More
Arrow Right

Continuity of Business and Crisis Management Lead Analyst

The COB & CM Lead Analyst is a strategic professional who stays abreast of devel...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 9-13 years experience with Third Party oversight, risk and/or relationship management
  • Knowledge of Citi business operations
  • Ability to manage projects, expectations and maintain key relationships
  • Familiarity with the emerging regulatory environment as it relates to Third Party risk management
  • Advanced project management, data analysis and reporting ability
  • with a good understanding of supporting technologies (applications, reporting tools, and data presentation)
  • Excellent verbal and written communication skills
  • Bachelor’s/University degree, Master’s degree preferred
Job Responsibility
Job Responsibility
  • Develops and manages security and or COB solutions for multiple functional areas
  • Subject matter expert in at least one security and/or COB technology or policy discipline
  • Defines, implements, and applies area wide security and or COB policies and standards by leveraging knowledge of globally accepted information security and or COB principles
  • Identifies and utilizes a global risk management model
  • Manage all related COB deliverables such as : Business Impact Analysis, Business Recovery Plans, Crisis Management plans, Table Top Exercises
  • Filter and disseminate updates from Citi’s Office of Emergency Management (OEM) and / or Cyber Fusion Center to respective COB entity BRC and provide guidance on crisis planning/ actions as needed
  • Has the ability to operate with a limited level of direct supervision
  • Can exercise independence of judgement and autonomy
  • Acts as SME to senior stakeholders and /or other team members
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Fulltime
Read More
Arrow Right
New

Pharmacy Technician

We’re building a world of health around every individual — shaping a more connec...
Location
Location
United States , Drexel Hill
Salary
Salary:
Not provided
https://www.cvshealth.com/ Logo
CVS Health
Expiration Date
June 22, 2026
Flip Icon
Requirements
Requirements
  • Must comply with any state board of pharmacy requirements or laws governing the practice of pharmacy, which includes but is not limited to, age, education, and licensure/certification
  • If the state board of pharmacy does not address or mandate a minimum age requirement, must be at least 16 years of age
  • If the state board of pharmacy does not address or mandate a minimum educational requirement, must have a high school diploma or equivalent, or be actively enrolled in high school or high school equivalency program
  • State-level licensure and national certification requirements vary by state, click here to learn more
  • Regular and predictable attendance, including nights and weekends
  • Ability to complete required training within designated timeframe
  • Attention and Focus
  • Customer Service and Team Orientation
  • Communication Skills
  • Mathematical Reasoning
Job Responsibility
Job Responsibility
  • Living our purpose by following all company SOPs at each workstation to help our Pharmacists manage and improve patient health
  • Following pharmacy workflow procedures at each pharmacy workstation (i.e., production, pick-up, drive-thru, and drop-off) for safe and accurate prescription fulfillment
  • Contributing to positive patient experiences by showing empathy and genuine care
  • Completing basic inventory activities, as permitted by law, and as directed by the pharmacy leadership team
  • Contributing to a high-performing team, embracing a growth mindset, and being receptive to feedback
  • Remaining flexible for both scheduling and business needs, while contributing to a safe, inclusive, and engaging team dynamic
  • Understanding and complying with all relevant federal, state, and local laws, regulations, professional standards, and ethical principles
  • Delivering additional patient health care services (e.g., immunizations, point-of-care testing, and voluntarily staffing offsite clinics), where allowable by law and supported by required training and certification
  • Where permissible, the Pharmacy Technician may also support immunizations, which includes the following responsibilities: Completing additional licensure and training requirements, in compliance with state Board of Pharmacy regulations, to obtain Technician Immunizer status to support preparing and administering vaccines
  • Educating patients about the importance of vaccines and referring patients to the Pharmacist-on-duty for vaccination questions
What we offer
What we offer
  • medical, dental, and vision coverage
  • paid time off
  • retirement savings options
  • wellness programs
  • and other resources, based on eligibility
  • Fulltime
Read More
Arrow Right