ISO Sr. Analyst

• Address security issues identified in the various information security programs
• Review and address issues identified within various Information Security (IS) programs and ensure all IS issues related to Internal Audit, and External Auditors are closed by their original target date
• Improve the efficacy of governance processes by identifying risks, monitoring controls, and remediating issues
• Establish cross-sector working relationships and complete weekly awareness discussions with local team to efficiently tackle security issues
• Ensure risk exceptions are raised, registered and closed on a timely basis and communicate updates and changes to the global standards
• Complete Risk Assessment process, including completing accurate inventory reporting, data classification, threat analysis, and action plans
• Test and validate that the business complies with applicable IS requirements
• develop and implement IS policies and procedures
• Determine and validate appropriate level of controls are being implemented to safeguard sensitive data
• Develop Corrective Action Plans for all Information Security-related gaps and approve all closures through reviewing evidence to ensure each closure meets Citi Requirements
• Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
• Operate with a limited level of direct supervision
• Assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and compliance with laws, rules and regulations

• 5-8 years of relevant experience
• Proficient in interpreting and applying policies, standards and procedures
• Consistently demonstrates clear and concise written and verbal communication
• Proven influencing and relationship management skills
• Proven analytical skills
• Amplio conocimiento y cumplimiento de regulaciones mexicanas (en materia de SI) (CNBV y BANXICO)
• Conocimientos técnicos relacionados con Seguridad de la Información y Ciberseguridad
• Deseables certificaciones CRISC, CISA, CISM, CISSP, ISO27001:2022, ISO31000:2018
• Experiencia en la elaboración de reportes y métricas ejecutivas dirigidas a la alta dirección
• Habilidades de comunicación y negociación
• Habilidades para identificar y resolver problemas
• Licenciatura en informática, Ingienería en computación, Sistemas computacionales (terminada/itulado)
• Indispensable idioma inglés al 80%
• Indispensable conocimientos avanzados en paquetería office (excel, power point, word)

Deseables certificaciones CRISC, CISA, CISM, CISSP, ISO27001:2022, ISO31000:2018