This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm's reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses or regulatory breaches. TCCORO provides the subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscience of the bank. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite. The TCCORO Central Assessment Support Team (CAST) Director reports to the Global Head of TCCORO and will provide leadership for this central utility responsible for executing standardized operational risk management and compliance assessment activities on behalf of TCCORO. This role is accountable for managing a team of analysts who bring together key aspects of the Operational Risk Management (ORM) framework and Compliance Risk Management (CRM) policy, including research and analysis of risk data, central compliance and risk assessment and testing, and Capability Maturity Assessments (CMA) against the first line in alignment with COBIT and CRI frameworks. This position actively supports all TCCORO in support of their oversight of CIO and Enterprise Tech organizations. A successful candidate will be a subject matter expert in technology and cyber risk in global financial services, with demonstrated expertise in operational risk management frameworks, compliance assessment methodologies, and capability maturity models. They should have a strong track record in technology and cyber risk management with excellent analytical skills, deployment of AI solutions and proven experience in building and leading centralized assessment utilities. The ideal candidate will be a strategic, proven leader with strong technical acumen, capable of influencing and challenging effectively while building and maintaining global teams.
Job Responsibility
Manages a staff of risk officers at various levels, with direct accountability for hiring and organizational structure
Has direct oversight for compensation, performance appraisals, staff development, training, etc
Provides input on performance and compensation recommendations for risk officers and utilities that provide risk related services on a matrix basis
Create a positive team environment, monitoring workloads, and supporting work-life quality of team members, and providing candid, meaningful feedback in a timely manner
Oversee the development, implementation, and execution of the TCCORO central assessment support team's operational risk management and compliance assessment programs in accordance with the ORM framework and ICRM policy requirements
Establish and execute the functional strategy for CAST, ensuring comprehensive coverage of technology and cyber compliance and operational risks and TCCORO coverage areas
Manage the planning, execution, and reporting of compliance monitoring and testing assessment activities, and Capability Maturity Assessments (CMA) utilizing AI solutions to simplify and optimize execution
Develop a robust engagement model with all TCCORO coverage teams including business segments, functions, and regional clusters
Oversee the performance of independent assessment activities (testing and ongoing monitoring) to assess the design and effectiveness of key controls designed to address technology and cyber compliance and operational risks
Requirements
15+ years of relevant experience in technology and cyber risk management, operational risk, compliance, audit, or related control functions within global financial services
Extensive experience in planning, executing, and reporting on compliance testing reviews, operational risk assessments, and regulatory issue validation activities
Senior level experience in a related role with experience in business, functional and people management, with proven abilities in executing concurrently on a portfolio of high-quality deliverables to stakeholders according to strict timetables
Proven experience in building and leading teams and functions, with demonstrated ability to scale operations and standardize methodologies
Subject matter expert in one or more industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of risk mitigation strategies
Self-motivated and goal-oriented with the ability to seize the initiative, garner consensus and develop and implement an effective strategy
Demonstrates a high level of analytical rigor in formulating strategies, goals and measuring results
Sense of urgency in implementing programs and evaluating priorities
decisive, action-oriented and practical
Willingness to challenge and question the status quo, making recommendations for options and best solutions
Demonstrated strategic thinking skills
Organizationally astute, with influencing, collaboration and communication skills
Personal presence, intellect, energy and drive to succeed in a high-performance environment
Able to analyze and think through highly complex issues, but then appropriately execute and implement against a well thought through framework in a seamless manner
A global citizen who is comfortable in all geographies, regions and cultures
Strong leadership, relationship, communication, and presentation skills including the ability to adapt his/her style to suit the different needs of any audience