CrawlJobs Logo
Citi Logo Citi · IT - Administration

Information Security Technology Analyst - Governance

Philippines, City of Taguig, Metro Manila · Job Posted October 08, 2025
Apply Position
Job Link Share

Job Description

The Information Security Technology Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Job Responsibility

  • Assist Security Incident Response Teams with incident investigations and aid in technical risk assessments
  • Coordinate with system development and infrastructure units to identify Information Security (IS) risks and the appropriate controls for development, day-to-day operation, and emerging technologies
  • Perform regular assessments based on changes in the threat landscape
  • Monitor vulnerability assessments and ethical hacks, ensuring that issues are addressed for the applications that they support
  • Provide information security support with related activities during systems development (e.g. authentication, encryption)
  • Identify and develop new and improved technical procedures and process control manuals
  • Identify significant IS threats and vulnerabilities
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets

Requirements

  • 5-8 years of relevant experience
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor's degree/University degree or equivalent experience
Citi - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Information Security Technology Analyst - Governance

8 matching positions

Security Governance Risk & Compliance (GRC) Analyst

Here at Virtru you’ll help build a cutting edge security compliance program alig...
Location
Location
United States , Washington, DC
Salary
Salary:
130000.00 - 180000.00 USD / Year
virtru.com Logo
Virtru
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of information security, IT audit and/or IT Risk Management, or GRC Analyst/Engineer experience
  • Deep understanding of at least few of the following: CMMC, NIST 800-53 & 800-171, FedRAMP, SOC 2, PCI, and/or other global privacy compliance frameworks
  • Technical acumen. Strong understanding of modern cloud technologies (AWS, GCP, Azure, etc.) and familiarity with GRC tools (Hyperproof, Vanta, Drata, etc) and SIEM tools (Datadog, Splunk)
  • You’re a relationship builder and have worked with both business and technical risk and understand how to translate risk to various levels of the organization
  • Have experience training and coaching teams to become better security and privacy practitioners
  • Like working on an autonomous agile team
  • Ability to resolve conflicts and drive issues to completion
  • Work independently with little or no supervision while maintaining a high level of efficiency
  • Hands on experience deploying and managing vulnerability scanning/cloud security posture management tools (Wiz, Prismacloud, etc.) to meet security compliance requirements
  • Real-world IR experience participating on security On-Call teams
Job Responsibility
Job Responsibility
  • Manage and implement complex controls frameworks for large systems, consisting of Cloud infrastructure and Software as a Service (SaaS) services (GCP, AWS, GitHub, Okta, etc)
  • Design and develop automation solutions for evidence collection across Cloud infrastructure, endpoints, and SaaS services
  • Conduct risk assessments across business units and processes. Identify risk findings and recommend remediation and risk mitigation strategies
  • Assist or implement automated controls to support risk mitigation efforts across various business units with stakeholders
  • Incorporate CMMC certification into Virtru’s slate of compliance assessments and ongoing monitoring activities (FedRAMP, SOC 2, PCI)
  • Facilitate the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
  • Participate in incident response (IR) activities, providing risk analysis and remediation support as needed
  • Enhance the team with your individualism, spirit, and love of learning
What we offer
What we offer
  • A Flexible PTO policy
  • A $1,500 annual Learning & Development Stipend
  • Frequent company-sponsored team celebrations
  • Access to an Employee Assistance Program
  • Access to Headspace, a mental health app
  • A flat 3% contribution to your retirement account
  • A high degree of flexibility
  • Competitive compensation
  • Generous parental, medical, and bereavement policies
  • 401K contribution and stock options
  • Fulltime
Read More
Arrow Right

Cybersecurity GRC Tool Analyst

Cybersecurity GRC Tool Analyst to analyse the technology requirements of the var...
Location
Location
Canada
Salary
Salary:
97600.00 - 181000.00 CAD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Security, Information Technology, Risk Management or a related field, or equivalent experience
  • CISSP, ISO 27001 Lead Implementer, or similar certification
  • GRC platform certifications (e.g., Archer Certified Professional, ServiceNow GRC, Drata Admin, OneTrust Certified)
  • ITIL Foundation (a plus)
  • 5-7 years of experience in Information Security, IT Governance, or Risk Management
  • 5+ years of experience working with GRC platforms (e.g., Archer, ServiceNow GRC, AuditBoard, Drata, OneTrust, or similar)
  • Expert at working with Governance Risk & Compliance platforms
  • Strong understanding of cybersecurity and compliance frameworks (e.g., NIST CSF, ISO 27001)
  • Experience with basic integrations and workflow configurations
  • Strong organizational skills and attention to detail
Job Responsibility
Job Responsibility
  • Administer and maintain the GRC platform, including configurations, workflows, and reporting dashboards
  • Support the integration of the GRC tool with key enterprise systems (e.g., asset inventory, ticketing systems, vulnerability management tools)
  • Collaborate with cybersecurity, policy, risk, compliance, and IT teams to capture business requirements and translate them into functional tool capabilities
  • Assist in onboarding and managing control frameworks (e.g., ISO 27001, SOC 2, NIST CSF, FedRAMP) within the platform
  • Monitor data quality, ensure accurate reporting, and maintain platform integrity
  • Support control owners and stakeholders in using the GRC platform for assessments, evidence collection, and tracking remediation activities
  • Maintain user roles and permissions, ensuring proper access management
  • Document processes, workflows, and platform configurations
  • Provide training and guidance to end users on tool functionality and best practices
  • Coordinate with tool vendors for issue resolution, upgrades, and enhancements
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Lead Analyst, Digital Data Governance & Compliance

As a member of the Information Services department, the Lead Analyst, Digital Da...
Location
Location
United States , Princeton
Salary
Salary:
115000.00 - 126000.00 USD / Year
benchmarkmakers.com Logo
Benchmark Makers
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Management, Computer Science, Business Administration, or a related field
  • 7+ years of experience in digital data governance, compliance, data mapping, litigation hold or eDiscovery roles
  • Demonstrated experience with data governance programs, particularly in regulated and/or law firm environments
  • Working knowledge of SQL, PowerShell, and Power BI technologies
  • Strong understanding of litigation hold and internal investigation protocols
  • Familiarity with data governance and data management platforms such as Microsoft Purview, Relativity, or similar platforms
  • Strategic thinker with strong analytical and critical thinking skills
  • Excellent written and verbal communication skills
  • High integrity and sound judgment with sensitive information
Job Responsibility
Job Responsibility
  • Work closely with the Senior Manager, Digital Data Governance & Compliance to lead the strategy, implementation and management of comprehensive electronic data governance frameworks, standards, and policies
  • Develop and execute data lifecycle management processes for unstructured and structured digital content
  • Develop and execute Litigation Hold process, ensuring data relevant to ongoing or anticipated litigation is properly identified, preserved, and tracked throughout Litigation Hold lifecycle
  • Lead internal data collections in response to audits, investigations or internal reviews, ensuring completeness, chain of custody, and evidentiary standards are met
  • Lead process for maintaining enterprise data map, ensuring all data assets, flows, and repositories are documented, regularly reviewed, and updated for accuracy
  • Partner with IT, legal, privacy, and business units to identify, classify, and document digital data assets across systems and platforms
  • Collaborate with cross-functional teams (Legal, Compliance, Information Security, IT, Business Units) to identify risks, close control gaps, and support continuous improvement of data governance practices
  • Prepare and deliver training, guidance, and communications to staff regarding electronic data governance, best practices, and compliance obligations
  • Work with the Office of the General Counsel to support internal and external audits and investigations
  • Evaluate and implement digital tools for litigation hold, data mapping, governance, and eDiscovery processes
  • Fulltime
Read More
Arrow Right

Lead Analyst, Digital Data Governance & Compliance

As a member of the Information Services department, the Lead Analyst, Digital Da...
Location
Location
United States , Chicago
Salary
Salary:
105000.00 - 120000.00 USD / Year
benchmarkmakers.com Logo
Benchmark Makers
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Management, Computer Science, Business Administration, or a related field
  • 7+ years of experience in digital data governance, compliance, data mapping, litigation hold or eDiscovery roles
  • Demonstrated experience with data governance programs, particularly in regulated and/or law firm environments
  • Working knowledge of SQL, PowerShell, and Power BI technologies
  • Strong understanding of litigation hold and internal investigation protocols
  • Familiarity with data governance and data management platforms such as Microsoft Purview, Relativity, or similar platforms
  • Strategic thinker with strong analytical and critical thinking skills
  • Excellent written and verbal communication skills
  • High integrity and sound judgment with sensitive information
Job Responsibility
Job Responsibility
  • Work closely with the Senior Manager, Digital Data Governance & Compliance to lead the strategy, implementation and management of comprehensive electronic data governance frameworks, standards, and policies
  • Develop and execute data lifecycle management processes for unstructured and structured digital content
  • Develop and execute Litigation Hold process, ensuring data relevant to ongoing or anticipated litigation is properly identified, preserved, and tracked throughout Litigation Hold lifecycle
  • Lead internal data collections in response to audits, investigations or internal reviews, ensuring completeness, chain of custody, and evidentiary standards are met
  • Lead process for maintaining enterprise data map, ensuring all data assets, flows, and repositories are documented, regularly reviewed, and updated for accuracy
  • Partner with IT, legal, privacy, and business units to identify, classify, and document digital data assets across systems and platforms
  • Collaborate with cross-functional teams (Legal, Compliance, Information Security, IT, Business Units) to identify risks, close control gaps, and support continuous improvement of data governance practices
  • Prepare and deliver training, guidance, and communications to staff regarding electronic data governance, best practices, and compliance obligations
  • Work with the Office of the General Counsel to support internal and external audits and investigations
  • Evaluate and implement digital tools for litigation hold, data mapping, governance, and eDiscovery processes
  • Fulltime
Read More
Arrow Right

Lead Analyst, Digital Data Governance & Compliance

As a member of the Information Services department, the Lead Analyst, Digital Da...
Location
Location
United States , Los Angeles
Salary
Salary:
115000.00 - 126000.00 USD / Year
benchmarkmakers.com Logo
Benchmark Makers
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Management, Computer Science, Business Administration, or a related field
  • 7+ years of experience in digital data governance, compliance, data mapping, litigation hold or eDiscovery roles
  • Demonstrated experience with data governance programs, particularly in regulated and/or law firm environments
  • Working knowledge of SQL, PowerShell, and Power BI technologies
  • Strong understanding of litigation hold and internal investigation protocols
  • Familiarity with data governance and data management platforms such as Microsoft Purview, Relativity, or similar platforms
  • Strategic thinker with strong analytical and critical thinking skills
  • Excellent written and verbal communication skills
  • High integrity and sound judgment with sensitive information
Job Responsibility
Job Responsibility
  • Work closely with the Senior Manager, Digital Data Governance & Compliance to lead the strategy, implementation and management of comprehensive electronic data governance frameworks, standards, and policies
  • Develop and execute data lifecycle management processes for unstructured and structured digital content
  • Develop and execute Litigation Hold process
  • Lead internal data collections in response to audits, investigations or internal reviews
  • Lead process for maintaining enterprise data map
  • Partner with IT, legal, privacy, and business units to identify, classify, and document digital data assets
  • Collaborate with cross-functional teams (Legal, Compliance, Information Security, IT, Business Units) to identify risks, close control gaps, and support continuous improvement
  • Prepare and deliver training, guidance, and communications to staff
  • Work with the Office of the General Counsel to support internal and external audits and investigations
  • Evaluate and implement digital tools for litigation hold, data mapping, governance, and eDiscovery processes
  • Fulltime
Read More
Arrow Right

Cyber Defense Analyst

The cyber defense analyst for Services within the Business, Functions and Techno...
Location
Location
Mexico , Ciudad De Mexico
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Ensure business and technology remain within risk tolerance for all applicable Cybersecurity risk appetites and sustain it with the consistent operating model
  • Enhance current vulnerability management (VTM) operating model in line with BFT Risk Governance organization with Path-to-appetite and reporting
  • Timely escalate to CISO Leadership and Businesses and ensure VTM risk treatment responses are entered in a timely fashion
  • Support Vulnerability Organization to improve the quality and integrity of VTM/GEM reports
  • Continue supporting vulnerability management Uplift Program activities and reduce risk while reducing stakeholders’ pain-points (data/reporting, false positives, processes)
  • Perform root cause analysis of VA Issues and identification of repeated offenders for high risk vulnerabilities
  • Conduct security reviews to check for security compliance to Bank’s requirements
  • Identify areas of repeating SIRT incidents, related trending and work with technology team and ISO contacts in reducing repeat volume instances
  • Identify opportunities for improving SIRT workflow efficiencies and developing reporting which better reports on root causes for bringing down repeat instance volumes
  • Work with SIM and ISO community to facilitate the adherence of SIRT reporting timelines as per defined within SIRT standard, as well as identify deviations and its cause
Job Responsibility
Job Responsibility
  • Ensure business and technology remain within risk tolerance for all applicable Cybersecurity risk appetites and sustain it with the consistent operating model
  • Enhance current vulnerability management (VTM) operating model in line with BFT Risk Governance organization with Path-to-appetite and reporting
  • Timely escalate to CISO Leadership and Businesses and ensure VTM risk treatment responses are entered in a timely fashion
  • Support Vulnerability Organization to improve the quality and integrity of VTM/GEM reports
  • Continue supporting vulnerability management Uplift Program activities and reduce risk while reducing stakeholders’ pain-points (data/reporting, false positives, processes)
  • Perform root cause analysis of VA Issues and identification of repeated offenders for high risk vulnerabilities
  • Conduct security reviews to check for security compliance to Bank’s requirements
  • Identify areas of repeating SIRT incidents, related trending and work with technology team and ISO contacts in reducing repeat volume instances
  • Identify opportunities for improving SIRT workflow efficiencies and developing reporting which better reports on root causes for bringing down repeat instance volumes
  • Work with SIM and ISO community to facilitate the adherence of SIRT reporting timelines as per defined within SIRT standard, as well as identify deviations and its cause
  • Fulltime
Read More
Arrow Right

Governance, risk and compliance technical analyst intern

This is a 10 week internship program that runs from May 27th, 2026 to August 7th...
Location
Location
United States , San Diego; San Francisco
Salary
Salary:
35.00 USD / Hour
gofundme.com Logo
GoFundMe
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Confidently maintain clear and concise communication with colleagues while working in a remote or hybrid environment
  • Inquisitive with a solution-oriented mindset
  • Demonstrate excellent analytical, problem-solving, time-management, and multitasking abilities
  • Passionate about staying current on regulatory changes, industry guidance, and card scheme compliance
Job Responsibility
Job Responsibility
  • Coordinate external auditor requests and facilitate meetings with Information Technology, Engineering Teams, Security and Control Owners
  • Build trust center tiles to communicate internal controls to customers and regulatory bodies
  • Assist in evidence collection for IT control reviews, infrastructure, change management and product releases
  • Assist in building communication portfolios, customer journeys and feedback forms for all audit stakeholders to ensure consistency in reaching audit goals, and note potential opportunities, risks, or complications
What we offer
What we offer
  • Competitive pay and comprehensive healthcare benefits
  • Financial assistance for things like hybrid work, family planning
  • Generous parental leave
  • Flexible time-off policies
  • Mental health and wellness resources
  • Learning, development, and recognition programs
  • Fulltime
Read More
Arrow Right

Incident Response Technician - Bilingual English/Japanese

The Incident Response Technician - Bilingual English/Japanese role involves anal...
Location
Location
United States , Jersey City
Salary
Salary:
117000.00 - 156000.00 USD / Year
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience working in Cybersecurity Operations or Information Security
  • Bilingual English/Japanese
  • Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related discipline
  • Relevant technical and industry certifications, such as CISSP, ISSMP, SANS, GIAC, GCIA, CISM, CEH, GCFA, GCFE, GCIH, or GSEC are preferred
  • Experience in one or more security domains including Incident Response and Forensics, Security Governance and Oversight, Security Risk Management, Network Security, or Threat and Vulnerability Management preferred
  • Experience with information security risk management, including information security audits, reviews, and risk assessments
  • Strong Incident Response knowledge and experience
  • Theoretical and practical knowledge with Mac OS, Linux, Windows operating systems and clouds
  • Experience with security data collection, analysis and correlation
  • Well-developed analytic, qualitative, and quantitative reasoning skills
Job Responsibility
Job Responsibility
  • Conduct analysis of artifacts to determine methods of intrusion and best course of resolution while driving security improvement
  • Investigate potential cybersecurity events across multiple environments using various tools and techniques
  • Development of information security policies, standards, and procedures
  • Support inquiries from compliance teams such as IT risk management and internal and external auditors to ensure documentation is complete and processes are in compliance with information security policies
  • Create reports analyzing activities or trends both within and outside of the organization
  • Support the development of security operations detections, playbooks, and automations to ensure threat detection, monitoring, response, and forensics activities align with best practices, minimize gaps in detection and response, and provide comprehensive mitigation of threats
  • Reviews internal logs and alerts to identify potential cybersecurity events
  • Triage cases based on output from automated alerts, and determine when to escalate to other teams
  • Monitors external service provider activity to detect potential cybersecurity events
  • Analyzes security data from all systems in real time to spot and thwart potential threats, attacks, and other violations
What we offer
What we offer
  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short and long term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Fulltime
Read More
Arrow Right