CrawlJobs Logo
Citi Logo Citi · -

Cyber Controls Lead Analyst / Business Risk Officer

Singapore, Singapore Employment contract · Job Posted March 22, 2025

Job offer has expired

Job Link Share

Job Description

The Business Risk Officer is a strategic professional who stays abreast of developments within own field and contributes to directional strategy. Recognized technical authority for an area within the business, with significant influence and impact through complex deliverables.

Job Responsibility

  • Responsible for managing and supporting multiple risk and control programs for the organization including defining the strategy, approach, processes, quality, tools and reporting that provide global risk management consistency and excellence
  • Establishes quarterly audit process of attributes to ensure proper calculation and control
  • Works closely with business partners on findings and makes recommendations on improving practices
  • Develops procedural implementation and change management process with Operations and Reporting team to ensure proper governance and controls exist
  • Examines procedures for consistency and gaps relative to regulations in addition to impacts on customer experience
  • Conducts internal testing of dispute processes to ensure control
  • Monitors exceptions to dispute policy and identifies drivers of exceptions
  • Leverages data to examine impacts to Customer Experience and Regulatory breaks
  • Has the ability to operate with a limited level of direct supervision
  • Can exercise independence of judgement and autonomy
  • Acts as SME to senior stakeholders and/or other team members
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Requirements

  • 6-10 years relevant work experience in Business Risk & Controls
  • MS Excel, MS Access, SAS, SQL, Visual Basic a plus
  • 5+ years’ experience in financial services
  • Consistently demonstrates clear and concise written and verbal communication skills
  • Effective organizational influencing skills required
  • Third party vendor management preferred
  • Demonstrated ability to lead global team efforts
  • Excellent problem solving skills
  • Ability to see the big pictures with high attention to critical details
  • Demonstrated ability to develop and implement strategy and process improvement initiatives.

Nice to have

  • Relevant Cyber Security certifications e.g. CISA/CISM/CRISC/CISSP
  • Third party vendor management preferred.
Citi - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Cyber Controls Lead Analyst / Business Risk Officer

8 matching positions

Senior IT Risk Analyst

Berkshire Hathaway Specialty Insurance (BHSI) has an exciting opportunity for a ...
Location
Location
United States , Boston
Salary
Salary:
95000.00 - 125000.00 USD / Year
bhspecialty.com Logo
Berkshire Hathaway Specialty Insurance
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of experience in IT risk, IT audit/compliance, or cyber GRC
  • Experience running RCSAs, defining KRIs/KPIs, and presenting risk insights to senior stakeholders
  • Strong documentation skills, including writing risk narratives, control designs, control matrices, testing procedures, and remediation plans
  • Effective communication and partnership skills
  • able to challenge constructively and receive challenge professionally
  • Experience conducting vendor risk reviews, including SOC 2 analysis, control gap identification, and remediation follow‑up
  • Solid background knowledge of major risk and control frameworks (Technology, Cyber, Enterprise), such as NIST CSF, COSO ERM, COBIT, etc.
  • Working knowledge of U.S. IT regulations (e.g., SOX, CCPA/CPRA, PCI, NY‑DFS) is recommended
  • Ability to work in a team-based environment and communicate effectively and efficiently with others domestically and globally
Job Responsibility
Job Responsibility
  • Lead risk identification, risk assessment, and ongoing monitoring
  • maintain the IT risk register and ensure risks map to business objectives and risk appetite/tolerances
  • Drive Risk and Control Self‑Assessments (RCAs) with different risk and control owners
  • advise on control design for identity & access, change/release, resiliency/DR, cloud security, data protection, and vulnerability management
  • Define and socialize KRIs/KPIs, risk dashboards, trends, and heat maps
  • deliver clear status to Technology leadership, and key stakeholders
  • Partner with Vendor Risk Management Team to evaluate critical vendors (including AI‑enabled services), review SOC reports/certifications, assess control gaps, and track remediation/compensating controls through closure
  • Track risk issues, action plans, and target dates
  • validate remediation and retest where needed
  • participate in lessons‑learned and scenario exercises
What we offer
What we offer
  • Comprehensive Health, Dental and Vision benefits
  • Disability Insurance (both short-term and long-term)
  • Life Insurance (for you and your family)
  • Accidental Death & Dismemberment Insurance (for you and your family)
  • Flexible Spending Accounts
  • Health Reimbursement Account
  • Employee Assistance Program
  • Retirement Savings 401(k) Plan with Company Match
  • Generous holiday and Paid Time Off
  • Tuition Reimbursement
  • Fulltime
Read More
Arrow Right

Operational Risk Review Lead Analyst

Operational Risk Review Lead Analyst – Technology. The Operational Risk Review (...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
usbank.com Logo
U.S. Bank National Association
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree, or equivalent work experience
  • Seven to ten years of applicable experience
  • Advanced knowledge of technology, systems, data governance, cyber and / or information security risks as well as industry trends that impact Bank operations
  • Advanced Risk, Compliance, and Audit competencies
  • Advanced understanding of the business line’s operations, products, services, systems, and associated risks
  • Strong business acumen and credibility to help business line(s) proactively identify and address risks
  • Strong process facilitation, project management, and analytical skills
  • Excellent presentation, interpersonal, written, and verbal communication skills
  • Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications and word processing, spreadsheets, databases, and presentations
Job Responsibility
Job Responsibility
  • Administration and execution of testing activities within Independent Risk Review Assessment (IRRA)
  • Evaluate processes and controls to ensure effective risk management framework
  • Confirm compliance with internal policies applicable laws and regulations related to technology, data governance, resiliency, cyber, AI, system and information security
  • Identify control and process weaknesses through design assessments and testing activities
  • Partner with the business line and Risk Management groups to recommend and influence solutions that mitigate operational risks
  • Effective verbal communication of testing results to the Manager
  • Draft well written reports
  • Respond to and/or escalate significant risks as appropriate
  • Provide oversight, coaching, feedback, etc. specific to the work completed by supporting Analysts
What we offer
What we offer
  • Exciting, fast-paced and diverse working environment
  • Benefits to help you protect your health and financial security
  • Development resources for career growth
  • Fulltime
Read More
Arrow Right

Operational Risk Review Analyst

The Operational Risk Review (ORR) Technology Analyst (“Analyst”) is responsible ...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
usbank.com Logo
U.S. Bank National Association
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree, or equivalent work experience
  • Typically more than five years of applicable experience
  • Basic or intermediate knowledge of technology, systems, data governance, cyber and / or information security risks as well as industry trends that impact Bank operations
  • Basic or intermediate Risk, Compliance, and Audit competencies
  • Solid understanding of the business line’s operations, products, services, systems, and associated risks
  • Solid business acumen and credibility to help business line(s) proactively identify and address risks
  • Average process facilitation, project management, and analytical skills
  • Average presentation, interpersonal, written, and verbal communication skills
  • Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications and word processing, spreadsheets, databases, and presentations
  • Applicable professional certifications (e.g., CISA, GSNA, CISSP, CRISC, CIA) are preferred
Job Responsibility
Job Responsibility
  • Execution of testing activities within Independent Risk Review Assessment (IRRA)
  • Evaluate processes and controls to ensure effective risk management framework
  • Test execution within projects and activities that confirm compliance with internal policies applicable laws and regulations related to technology, data governance, resiliency, cyber, AI, system and information security
  • Identification of control and process weaknesses through design assessments and testing activities
  • Work with the ORR Technology Manager to partner with the business line and Risk Management groups to recommend and influence solutions that mitigate operational risks
  • Effective verbal communication of testing results to the ORR Technology Lead Analyst and/or Technology Manager
  • Responding to and/or escalating significant risks as appropriate
What we offer
What we offer
  • Exciting, fast-paced and diverse working environment with employees of many different nationalities
  • Benefits to help you protect your health and financial security
  • Peace of mind
  • Career growth with development resources that give you the opportunity to stretch and shine
  • Fulltime
Read More
Arrow Right

Data Transfer Office Senior Analyst – Governance and Controls

The Data Transfer Office Senior Analyst – Governance and Controls will be respon...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4-6 years of relevant experience in Data Privacy, Data Privacy Operations, Information Security or Cyber related risk management or in an Internal Audit, Risk Management, or Control Management related role
  • Working knowledge of Data Privacy Compliance laws, rules, regulations, risks, and appropriate controls
  • Familiarity with privacy related technology considerations such as cookies, mobile devices, biometrics and geolocation data is desired
  • Fluency in English
  • Knowing the most effective and efficient processes to get things done, with a focus on continuous improvement
  • Ability to anticipate and balance the needs of multiple stakeholders, while monitoring tight deadlines or unexpected requirement changes
  • Ability to communicate effectively
  • Strong project management skills
  • Risk-based thinking and analytical mindset
  • Up-to-date understanding of key Data Privacy risk and control concepts, tools and trends
Job Responsibility
Job Responsibility
  • Develop and maintain the data transfer governance framework and associated internal controls
  • Monitor the effectiveness of controls, conduct thematic issue reviews, manage Data Transfer Oversight (DTO) issues, and assess data transfer risks
  • Liaise with internal and external stakeholders, lead audit preparedness activities, and engage key business units on data governance matters
  • Support the development and preparation of materials for the Enterprise Data Transfer Forum
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Avp-analyst (digital finance & artificial intelligence risk management)

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s o...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
moodys.com Logo
Moody's
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 9+ years of experience, including 5+ years in technology governance, risk, and control, covering self assessments, control evaluation, and regulatory compliance within financial services, with a strong focus on AI and digital finance
  • Broad technology experience across digital finance, AI, data, and large scale systems, operating in highly regulated, global environments with significant complexity
  • Hands on experience with GRC platforms (e.g., OpenPages or similar) and strong proficiency with the Microsoft Office suite
  • Proven ability to navigate product and tool development, particularly at the intersection of technology and data, partnering closely with engineering and business teams
  • Strong stakeholder management skills, building and sustaining effective relationships between business, technology, risk, and compliance stakeholders
  • Demonstrated capability to evaluate and prioritize strategic initiatives, balancing competing stakeholder needs and driving alignment across AI, digital finance, technology, and data priorities
  • Highly effective, independent contributor with strong analytical thinking, communication skills, adaptability, and experience leading or contributing to large, cross functional global initiatives
  • Master’s or Bachelor’s in a technology discipline (Computer Science, Information Management, Computer Engineering, Cyber Security or equivalent)
  • Relevant certification is desirable, e.g., CISSP, CISM, CISA. Working knowledge of Risk Management life cycles based on established frameworks: NIST, ORX, ISO 27001
Job Responsibility
Job Responsibility
  • Implement and maintain risk controls for digital finance and AI processes as first line of defense (1LOD) for Digital Economy team
  • Identify, assess, and mitigate operational and technology risks across AI models, platforms, and digital finance tools
  • Collaborate with business units to embed risk management practices into day-to-day operations and ensure compliance with governance standards
  • Maintain complete, accurate, and timely documentation of controls, RCSAs, mitigation plans, and all risk activities within GRC tools to support effective monitoring and reporting
  • Monitor emerging AI and digital finance risks, escalate issues promptly, and drive timely remediation actions
  • Develop and track Key Risk Indicators (KRIs) and ensure adherence to tolerance levels
  • Support risk governance through committee reporting and by maintaining policies and procedures aligned with enterprise risk, regulatory, and compliance requirements
  • Provide training and guidance to business teams on AI and digital finance risk management practices
  • Partner with technology and vendor teams to manage risks related to platforms, models, third party dependencies, and data usage
  • Drive continuous improvement of risk processes, reducing complexity while enhancing efficiency, scalability, and control effectiveness
Read More
Arrow Right

Continuity of Business and Crisis Management Lead Analyst

The COB & CM Lead Analyst is a strategic professional who stays abreast of devel...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 9-13 years experience with Third Party oversight, risk and/or relationship management
  • Knowledge of Citi business operations
  • Ability to manage projects, expectations and maintain key relationships
  • Familiarity with the emerging regulatory environment as it relates to Third Party risk management
  • Advanced project management, data analysis and reporting ability
  • with a good understanding of supporting technologies (applications, reporting tools, and data presentation)
  • Excellent verbal and written communication skills
  • Bachelor’s/University degree, Master’s degree preferred
Job Responsibility
Job Responsibility
  • Develops and manages security and or COB solutions for multiple functional areas
  • Subject matter expert in at least one security and/or COB technology or policy discipline
  • Defines, implements, and applies area wide security and or COB policies and standards by leveraging knowledge of globally accepted information security and or COB principles
  • Identifies and utilizes a global risk management model
  • Manage all related COB deliverables such as : Business Impact Analysis, Business Recovery Plans, Crisis Management plans, Table Top Exercises
  • Filter and disseminate updates from Citi’s Office of Emergency Management (OEM) and / or Cyber Fusion Center to respective COB entity BRC and provide guidance on crisis planning/ actions as needed
  • Has the ability to operate with a limited level of direct supervision
  • Can exercise independence of judgement and autonomy
  • Acts as SME to senior stakeholders and /or other team members
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Fulltime
Read More
Arrow Right

Manager, 1st Line Controls Testing, Certification and Assurance

Our Purpose Mastercard powers economies and empowers people in 200+ countries an...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
May 29, 2026
Flip Icon
Requirements
Requirements
  • Experience of working with security related control frameworks and standards (e.g. ISO27001, NIST, CRI, or PCI-DSS)
  • Experience of conducting security related audits/reviews and managing/coordinating external audits including certification audits
  • Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities
  • Experience of resolving certification and assurance issues
  • Knowledge and experience of all areas of security
  • Strong investigative and analytical experience (e.g. enquiry, scanning, analysis, interviewing, testing), problem-solving, and decision-making skills
  • Experience collaborating cross-functionally to identify and implement good practice security audit management and assurance processes
  • Excellent communication and stakeholder engagement skills
  • Certifications such as ISO27001 Lead Auditor, CISA, CISM, CISSP, PCI SSC ISA, CRISC, or equivalent is desirable
  • Bachelor's degree in Computer Science, Cyber Security, Information Technology, or a related field
Job Responsibility
Job Responsibility
  • Maintain certification and assurance related documentation
  • Prepare the organisation for annual certification audits
  • Support the assessment and validation of controls and processes against a variety of security standards and obligations
  • Support the team in the management of VLL certifications, e.g. ISO27001 and PCI DSS
  • Support the team in the management of other assurance activities, e.g. ISAE3000
  • Conduct periodic testing of key and non-key controls in line with the Control Testing Methodology
  • Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations
  • Prepare and review control testing documentation, including test procedures, results, and identified gaps
  • Ensure timely escalation of control deficiencies and support remediation tracking
  • Create and quality assure reports and team outputs
  • Fulltime
!
Read More
Arrow Right
New

Entry Level Recruitment Consultant

Phaidon International is a multi-award-winning talent partner, recognised for se...
Location
Location
United States , Charlotte
Salary
Salary:
45000.00 USD / Year
phaidoninternational.com Logo
Phaidon International
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Ambition: You want to build something, earn well, and grow fast
  • Communication: You're confident, clear, and know how to adapt your style
  • Professionalism: You show up prepared, follow through, and carry yourself with maturity
  • Work ethic: Whether it's sport, part-time work, internships or academics, you've shown what you're made of
  • Degree: Bachelor's Degree
Job Responsibility
Job Responsibility
  • Client Development: From Fortune 500 giants to the fastest-growing start-ups, from day one you'll build and manage relationships with hiring managers and business leaders across your specialist sector
  • Candidate Engagement: Identify and headhunt top mid-to-senior and executive-level professionals
  • End-to-End Process Management: Own the full recruitment cycle, from introductions and interviews through to offer negotiation and post-placement support
  • Embrace Technology and Data: We equip our consultants with best-in-class tools and data to work smarter and move faster
What we offer
What we offer
  • Uncapped commission from day 1
  • Award-winning internal training
  • Leading healthcare benefits
  • Fulltime
Read More
Arrow Right