CrawlJobs Logo

Senior Auditor - Resilience (Technology)

https://www.citi.com/ Logo

Citi

Location Icon

Location:
India , Mumbai

Category Icon
Category:
Finance

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Senior Auditor is an intermediate level role responsible for performing moderately complex Technology audits and assessments of Citi’s risk and control environments in coordination with the Audit team. The overall objective is to utilize in-depth subject matter expertise in Resilience (Technology) to ensure that the firm meets audit standards and regulations and to work with business leaders to determine solutions for emerging issues.

Job Responsibility:

  • Consistently execute control testing and deliver audits, in a timely manner, in accordance with Internal Audit and Regulatory standards
  • Prepare the Business Monitoring Quarterly Reviews
  • Prepare Risk Assessments as required
  • Collaborate with teams across the business and determine risk impacts on the overall control environment and audit approach
  • Execute audit activities for assigned work and the associated entities
  • Apply in-depth understanding of Internal Audit standards, policies and regulations to a specific product or function area
  • Appropriately assess risk when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Citigroup, its clients, and assets, by driving compliance with applicable laws, rules, and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing, and reporting control issues with transparency

Requirements:

  • 6-8 years of Internal Audit experience
  • Internal Audit Experience from a highly regulated industry, such as Financial, Banking, Insurance, or similar
  • Highly preferred candidates will have EXECUTED WORKPAPERS through many different audit engagements
  • Audit experience in at least one of the following areas: Cyber/Infrastructure, Technology, Third Party, Operational Resilience, or Business Continuity
  • Related certifications (CIA, CISA, CISSP, CRISC, or similar) is PREFERRED
  • Effective verbal, written and negotiation skills
  • Effective project management skills
  • Effective leadership skills
  • Effective influencing and relationship management skills
  • Demonstrated ability to remain unbiased and independent in a diverse and challenging work environment
  • Bachelor's/University degree, Master's degree preferred

Nice to have:

  • Related certifications (CIA, CISA, CISSP, CRISC, or similar)
  • Effective influencing and relationship management skills
What we offer:
  • Extensive on-the-job training and exposure to senior leaders
  • Programs and services for physical and mental well-being including access to telehealth options, health advocates, confidential counseling
  • Expanded Paid Parental Leave Policy
  • Access to an array of learning and development resources
  • Generous paid time off packages
  • Resources and tools to volunteer in the communities

Additional Information:

Job Posted:
March 22, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon
PREMIUM
More languages and countries
+ Unlock 31694 hidden job offers
Languages
English Čeština Deutsch Ελληνικά Español Français +15
Countries
United States United Kingdom India Canada Australia +
See plans
Plans from $2.99 / month

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Auditor - Resilience (Technology)

Chief Auditor Technology & Business Enablement International and Wealth International Technology

The Managing Director, Chief Auditor Technology & Business Enablement Internatio...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 15 years of diversified management experience in audit or a related role with a focus on cyber, technology resilience and data
  • Demonstrable technology experience, including that related to the design and operation of risk and controls frameworks
  • Demonstrable product knowledge of Markets, Services, Payments Infrastructures, Corporate and Consumer Banking and Wealth Management, including the provision of technology services within these areas
  • International experience is preferred within highly respected, diversified and complex institutions
  • Proven experience working with regulators and managing regulatory audits or inspections
  • Bachelor’s degree/University degree in computer science, data science, finance, accounting, science or a related field, or equivalent experience
  • Master’s degree preferred
  • Related certifications such as Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified in Risk and Information Systems (CRISC) or similar
  • Technical Skills: A strong level of technical knowledge related to cyber security, resilience, current and emerging technologies and systems development best practices
  • Strong knowledge of IT governance and control frameworks (e.g. COBIT, NIST, SANS)
Job Responsibility
Job Responsibility
  • Assurance Risk Assessment, Strategy & Coverage: Timely development, risk assessment, and periodic refresh of the audit plan
  • Responsible for the coordination and delivery of high-quality, value-add multiple concurrent risk-based audits
  • Engagement with senior stakeholders upon receipt of supervisory letters/other regulatory communications
  • Timely delivery of high-quality and comprehensive regulatory and internal audit issue validation
  • Support and endorse the IA Quality Assurance (QA) team
  • Ensure that IA activity is sufficient and relevant to delivering timely assurance
  • Appropriately assess risk when business decisions are made
  • In collaboration with the IA International team, ensure that country-specific technology, cyber and resilience regulatory requirements are understood
  • In collaboration with the Chief Auditor for US Wealth, USCC & Functions, support the integrated risk assessment, audit plan creation and opinion for the Global Wealth business
  • Working in close collaboration with the QA team, lead the processes across Technology & Business Enablement to assess the quality outcomes of assurance work
  • Fulltime
Read More
Arrow Right

Chief Auditor Technology & Business Enablement International and Wealth International Technology

The Managing Director, Chief Auditor Technology & Business Enablement Internatio...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 15 years of diversified management experience in audit or a related role with a focus on cyber, technology resilience and data
  • Demonstrable technology experience, including that related to the design and operation of risk and controls frameworks
  • Demonstrable product knowledge of Markets, Services, Payments Infrastructures, Corporate and Consumer Banking and Wealth Management, including the provision of technology services within these areas
  • International experience is preferred within highly respected, diversified and complex institutions
  • Proven experience working with regulators and managing regulatory audits or inspections
  • A strong level of technical knowledge related to cyber security, resilience, current and emerging technologies and systems development best practices
  • Strong knowledge of IT governance and control frameworks (e.g. COBIT, NIST, SANS)
  • Good understanding of AI and machine learning concepts, algorithms and techniques
  • Familiarity with data governance principles, data quality management and data privacy practices
  • Strong understanding of internal audit standards (e.g. IIA Standards) and risk management frameworks (e.g. COSO)
Job Responsibility
Job Responsibility
  • Timely development, risk assessment, and periodic refresh of the audit plan for the scope of the role’s area of responsibilities
  • Coordination and delivery of high-quality, value-add multiple concurrent risk-based audits
  • Engagement with senior stakeholders upon receipt of supervisory letters/other regulatory communications
  • Timely delivery of high-quality and comprehensive regulatory and internal audit issue validation
  • Support and endorse the IA Quality Assurance (QA) team to address and resolve issues found by QA
  • Ensure that IA activity is sufficient and relevant to delivering timely assurance
  • Appropriately assess risk when business decisions are made
  • In collaboration with the IA International team, ensure that country-specific technology, cyber and resilience regulatory requirements are understood
  • In collaboration with the Chief Auditor for US Wealth, USCC & Functions, support the integrated risk assessment, audit plan creation and opinion for the Global Wealth business
  • Working in close collaboration with the QA team, lead the processes across Technology & Business Enablement to assess the quality outcomes of assurance work
  • Fulltime
Read More
Arrow Right

Head of Operational Resilience Management

The Head of Operational Resilience Management will be responsible for developing...
Location
Location
United States , NEW YORK
Salary
Salary:
200000.00 - 250000.00 USD / Year
credit-agricole.com Logo
Crédit Agricole
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor Degree / BSc Degree or equivalent
  • Minimum 10+ years of experience in information security or related field
  • At least 3 years of experience in a senior leadership role within the banking or financial services industry
  • Incident Management: Ability to analyze, prioritize, and manage security incidents effectively
  • Strategic Thinking: Ability to align cyber risk initiatives with business objectives
  • Communication and Documentation: Strong ensure thorough documentation and clear communications over security operations activities
  • Leadership and Team Management: Proven track record of building and leading high performing teams
  • Regulatory Compliance: Expertise in navigating banking regulations
  • Industry Thought Leadership: Recognized as a subject matter expert in the cybersecurity or risk management space
  • Technical Knowledge: Strong knowledge with information security technologies such as vulnerability scanning tools, and threat intelligence tools, etc.
Job Responsibility
Job Responsibility
  • Develop and implement a comprehensive operational and cyber resiliency strategy aligned with regulatory requirements and industry standards
  • Define resilience objectives, key risk indicators (KRIs), key performance indicators (KPIs), key control indicators (KCIs) and other relevant metrics to measure the effectiveness of resiliency programs
  • Collaborate with senior leadership to embed resilience principles into business and technology processes
  • Stay ahead of emerging risks, regulatory changes, and threat landscapes to refine and enhance resilience strategies
  • Oversee the development and execution of the bank’s incident management framework, ensuring rapid response and recovery from information security and technology incidents
  • Lead and design tabletop exercises and simulations to test cyber incident response and business recovery capabilities
  • Coordinate with internal and external stakeholders (e.g., regulators, law enforcement, third-party service providers) during cyber events
  • Ensure integration of cyber resilience into broader enterprise risk management and IT security functions
  • Develop and maintain enterprise-wide business continuity and disaster recovery plans, ensuring readiness to sustain critical business operations during disruptions
  • Conduct regular BC/DR testing, audits, and training sessions to validate effectiveness and improve preparedness
  • Fulltime
Read More
Arrow Right

Head of Resilience Management for APAC-ME

Summary The Head of Resilience management for APAC-ME will be responsible for de...
Location
Location
Singapore , Singapour
Salary
Salary:
Not provided
credit-agricole.com Logo
Crédit Agricole
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in operational resilience, business continuity, or risk management within the financial sector
  • Proven leadership experience
  • Deep understanding of regulatory requirements in Asia DORA, with experience managing regulatory interactions
  • Bachelor’s or Master Degree in Computer Science, Information Technology, Business continuity or equivalent
  • Professional certification such as CBCM, CBCI, CBCP (preferred)
  • Expertise in incident response methodologies, business continuity planning and in cyber resilience frameworks
  • String knowledge of CIB activities in order to be able to talk with the Business Lines and understand their constraints
  • Strong knowledge of operational resilience risk management, threat intelligence, and IT disaster recovery strategies
Job Responsibility
Job Responsibility
  • Develop and implement a comprehensive operational resiliency strategy aligned with regulatory requirements and industry standards
  • Define resilience objectives, key risk indicators (KRIs), and performance metrics to measure the effectiveness of resiliency programs
  • Collaborate with senior leadership to embed resilience principles into business and technology processes
  • Stay ahead of emerging risks, regulatory changes, and threat landscapes to refine and enhance resilience strategies
  • Oversee the development and execution of the bank’s resilience framework, ensuring rapid response and recovery from incidents
  • Lead tabletop exercises and simulations to test cyber incident response and business recovery capabilities
  • Coordinate with internal stakeholders during crisis
  • Coordinate and maintain enterprise-wide business continuity and disaster recovery plans with the different stakeholders in the Entities, ensuring readiness to sustain critical business operations during disruptions
  • Coordinate and conduct with the different stakeholders in the Entities regular BC/DR testing, audits, and training sessions to validate effectiveness and improve preparedness
  • Work closely with technology teams to ensure recovery time objectives (RTOs) and recovery point objectives (RPOs) are met for critical systems
Read More
Arrow Right

Cybersecurity & Infrastructure Audit Lead

We are seeking a seasoned Cybersecurity & Infrastructure Audit Lead to drive end...
Location
Location
Singapore , Singapore
Salary
Salary:
168000.00 - 192000.00 SGD / Year
eamesconsulting.com Logo
Eames Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 12 years of experience in IT audit, cybersecurity, or technology risk within Big 4, consulting firms, or large enterprises
  • Proven track record in team management, including coaching, performance management, and resource planning
  • Strong knowledge of IT audit methodologies, risk and controls, and cybersecurity frameworks
  • Experience in auditing or working with infrastructure, cloud environments, and modern technology landscapes
  • Strong stakeholder management skills with experience engaging senior management and audit committees.
Job Responsibility
Job Responsibility
  • Lead and manage a team of IT auditors, ensuring high-quality delivery of audit and advisory engagements while developing team capabilities
  • Plan and execute risk-based audits across cybersecurity, IT infrastructure, cloud, DevSecOps, and emerging technologies
  • Provide advisory across the system development lifecycle (SDLC), including pre- and post-implementation reviews of controls and security frameworks
  • Engage senior stakeholders and committees, presenting audit findings, insights, and recommendations on technology risk and resilience.
What we offer
What we offer
  • Leadership role with high visibility to senior stakeholders
  • Opportunity to shape cybersecurity and infrastructure audit strategy
  • Exposure to emerging technologies including AI, cloud, and automation
  • Collaborative and forward-looking work environment.
  • Fulltime
Read More
Arrow Right
New

Operational Resilience and Business Continuity Manager

Shared responsibility for Beazley’s implementation of the Operational Resilience...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
socialvalueportal.com Logo
Social Value Portal Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree level educated, or equivalent work experience
  • Appropriate professional qualifications or certifications such as: UK: Certification from the Business Continuity Institute (e.g. CBCI, MBCI or FBCI)
  • US: Certification from the Disaster Recovery Institute (e.g. CBCP, MBCP or CFCP)
  • UK: Institute of Risk Management Certificate or Diploma in Operational Risk or Operational Resilience
  • US: RIMS Certified Risk Management Professional
  • ISO 22301 Certified Business Continuity Professional, Lead Implementer, Lead Auditor
  • ITIL Foundation
  • Excellent written and oral communication and presentation skills
  • Experience in development and implementation of a robust business continuity program
  • Demonstrable track record of leading Business Continuity programmes large matrixed global organization
Job Responsibility
Job Responsibility
  • Work with the existing Operational Resilience & Business Continuity team to keep the Operational Resilience and Business Continuity strategy up to date, ensuring the appropriate practices and framework are implemented and reviewed on an ongoing basis
  • Monitor resilience of our Important Business Services (IBSs) and critical resources, including the development and monitoring of metrics across IBS and Critical resources
  • Contribute to the creation of the annual Operational Resilience Self-Assessment to ensure senior management teams have an accurate and accessible assessment of our resilience position which also meets regulatory requirements
  • Lead operational resilience testing strategy in agreed territories and develop a testing roadmap with the Operational Resilience team and relevant business areas to review and document the resilience and recovery options in the event of “severe but plausible disruption” scenarios
  • determining whether the test is passed or failed
  • Undertake reviews of Beazley’s key third-party suppliers, vendors and outsource providers to ensure that Operational Resilience controls are in place and requirements are being met
  • Work with the Procurement team to ensure the appropriate controls and measures are available to manage contracts and material outsource/supplier questionnaires
  • Work with Beazley change functions to ensure that operational resilience requirements are embedded in all projects, change programmes, processes and systems
  • Work with the CISO team to ensure that Operational Resilience requirements are aligned with and factored into Beazley’s Information Security Strategy
  • Establish and maintain effective relationships with key heads of departments and service owners and ensure all operational resilience matters are managed effectively
  • Fulltime
Read More
Arrow Right

Operational Resilience And Business Continuity Manager

Shared responsibility for Beazley's implementation of the Operational Resilience...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
socialvalueportal.com Logo
Social Value Portal Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree level educated, or equivalent work experience
  • Appropriate professional qualifications or certifications such as: UK: Certification from the Business Continuity Institute (e.g. CBCI, MBCI or FBCI)
  • US: Certification from the Disaster Recovery Institute (e.g. CBCP, MBCP or CFCP)
  • UK: Institute of Risk Management Certificate or Diploma in Operational Risk or Operational Resilience
  • US: RIMS Certified Risk Management Professional
  • ISO 22301 Certified Business Continuity Professional, Lead Implementer, Lead Auditor
  • ITIL Foundation
  • Excellent written and oral communication and presentation skills
  • Experience in development and implementation of a robust business continuity program
  • Demonstrable track record of leading Business Continuity programmes large matrixed global organization
Job Responsibility
Job Responsibility
  • Work with the existing Operational Resilience & Business Continuity team to keep the Operational Resilience and Business Continuity strategy up to date, ensuring the appropriate practices and framework are implemented and reviewed on an ongoing basis
  • Monitor resilience of our Important Business Services (IBSs) and critical resources, including the development and monitoring of metrics across IBS and Critical resources
  • Contribute to the creation of the annual Operational Resilience Self-Assessment to ensure senior management teams have an accurate and accessible assessment of our resilience position which also meets regulatory requirements
  • Lead operational resilience testing strategy in agreed territories and develop a testing roadmap with the Operational Resilience team and relevant business areas to review and document the resilience and recovery options in the event of severe but plausible disruption scenarios
  • determining whether the test is passed or failed
  • Undertake reviews of Beazley's key third-party suppliers, vendors and outsource providers to ensure that Operational Resilience controls are in place and requirements are being met
  • Work with the Procurement team to ensure the appropriate controls and measures are available to manage contracts and material outsource/supplier questionnaires
  • Work with Beazley change functions to ensure that operational resilience requirements are embedded in all projects, change programmes, processes and systems
  • Work with the CISO team to ensure that Operational Resilience requirements are aligned with and factored into Beazley's Information Security Strategy
  • Establish and maintain effective relationships with key heads of departments and service owners and ensure all operational resilience matters are managed effectively
  • Fulltime
Read More
Arrow Right
New

Head of IT Risk Officer for APAC-ME

The Information Technology Risk Office (ITRO), within Risk Management and Contro...
Location
Location
Singapore , Singapour
Salary
Salary:
Not provided
credit-agricole.com Logo
Crédit Agricole
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master Degree in Computer Science, Information Technology or equivalent
  • Professional certification such as CISA, CISSP, CISM (preferred)
  • 10+ years of experience in operational resilience, business continuity, or risk management within the financial sector
  • Proven leadership experience
  • Deep understanding of regulatory requirements in APAC-ME Region, with experience managing regulatory interactions
  • Strong executive presence with the ability to engage and influence C-suite leaders and board members
  • Proven ability to lead cross-functional teams and drive enterprise-wide resilience initiatives
  • Excellent verbal and written communication skills, with experience presenting to regulators, auditors, and senior stakeholders
  • Ability to thrive in a high-pressure environment, managing crises and business disruptions with a structured and strategic approach
  • Expected to work with stakeholders from different time zone (Asia, NY, London, Paris)
Job Responsibility
Job Responsibility
  • Contribute to Group and Regional ICT risk management by monitoring and reporting ICT risk levels across local and regional information systems and processes
  • Prepare ICT risk reporting for management and governance bodies
  • Provide a local vision for ICT risk deliverables, reflecting regional IT environments and operational realities
  • Support alignment of ICT risks with business strategy and risk appetite
  • Perform and coordinate annual ICT risk assessments and IT Risk Self‑Assessments (IT Radar)
  • Ensure full coverage of all nine ICT risk domains
  • Monitor emerging ICT risks related to technology evolution, operational changes, suppliers, or incidents
  • Identify early indications of material risks or potential risk appetite breaches
  • Perform regulatory watch on ICT‑related regulations and supervisory expectations (e.g. MAS TRM, HKMA)
  • Analyse regulatory requirements and identify gaps against existing ICT risk practices
  • Fulltime
Read More
Arrow Right