Head of Information Security Engineering & Operations

About Our Team:
The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.

Functions and Technology is an important enabler of Citi's strategy, supporting the needs of Finance, Risk, HR, Chief Data Office, Chief Operating Office technology, Global Legal Affairs, and Compliance, Internal Audit, Chief Technology Office, Technology Infrastructure, Cyber Security Services, etc. Its mission is to deliver world-class technology solutions for Citi's Global Functions using common data, analytics, and platforms.

Citi's Technology Infrastructure (CTI) services cover 14 functions from End user services, Compute/Network/Storage/Data, Generative AI platforms, Public/Private Cloud, Data Center hosting, Mainframe and Host systems to production operations. CTI is responsible for establishing and executing Citi’s core technology strategy, supporting all of Citi’s businesses across Markets, Services, Banking, Wealth, US Personal Banking, Risk, Finance, and Functions. The CISO organization is responsible for administering information security program for Citi and offers cyber security products and services to Citi and its clients.The Head of Information Security Engineering & Operations for Foundational Services is a senior management position responsible for partnering with the Business, Functions and Technology (BFT) CISO teams to protect the bank, securely enable the business and manage cybersecurity risk. This role reports to Global head of Cyber Security for Global Functions and Technology. 

The Opportunity:

Are you a strategic and influential leader with a passion for information security and a proven track record in managing cyber risk within a complex, global organization. Business Functions Technology CISO is seeking a highly motivated and experienced Sr Information Security (ISO) group managerto join our First Line of Defense and lead information security operations for Foundational Services business unit. Foundational Services provides exceptional IT solutions and support across several domains with a focus on making the firm’s technical platform simpler and more secure. The organization is responsible for delivering reliable IT solutions and scalable infrastructure services (e.g. Public and Private Cloud, Digital workspace, Cyber security products) , while protecting Citi and its clients by managing cybersecurity risk within the company’s defined risk appetite and ensuring that an appropriate level of cybersecurity governance, capabilities, and controls are in place. This role reports directly to global head Cyber Security for Functions and Technology.In this critical role, you will be responsible for developing and executing the cyber risk strategy for our global functions and technology business units, ensuring alignment with the company's overall risk appetite. You will lead a team of information security officers, collaborate with diverse stakeholders across the organization, and play a key role in protecting our critical assets from evolving cyber threats. This is an exceptional opportunity to shape the cyber risk landscape of a leading financial institution and contribute to our continued success.

Job Overview:

Key responsibilities include

• Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
• Manage a large/complex team or multiple teams, overseeing resources, budget, operations, and short to medium term planning
• Promote security culture in business and technology partners enabling secure product delivery for clients.
• Partner with peers in BFT CISO, and Global Information Security Program Managers to improve programs, and processes
• Ensure risks are identified, assessed, mitigated and controlled, and assist Security Incident Response Teams as the Business IS Consultant
• Ensure that decisions are inconsideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations.
• Actively mitigates delivery risks and resolve critical issues.
• Contribute to, and help deliver, the CISO and Business Functions & Technology (BFT) cyber strategies, and securely enable business and technology activities and programs
• Keep oneself appraised of emerging technology and changing threat landscape. Advise business and technology stakeholders on the appropriate course of action, promoting security as an enabler for business innovation and digitization.
• Act as primary interface with senior leadership in business, technology, CISO and other partners to effectively manage security objectives for large complex initiatives/programs
• Build internal and external networks to ensure alignment with industry best practices, and to maintain current knowledge regarding cybersecurity threats and risks.

Qualifications include:

• 15+ years of progressive experience in information security or cybersecurity within financial services or other highly regulated environments.
• Demonstrated success in building, leading, and scaling global cybersecurity teams that align with financial institution priorities
• Good understanding of modern cybersecurity frameworks (e.g., CRI, NIST, ISO), with practical application to banking operations, architecture, and controls.
• Strong track record of successful transformation of security operations and/or services
• Sound technical expertise and hands on experience in technology and security in one or more areas such as Public/Private Cloud security (AWS, Azure, Google, Oracle, IBM), Data Services, Cyber Security Products, AI/ML, Web/Mobile Applications
• Experience in leading a team of information security officers/architectsand proven track record delivering robust security solutions for both clients and internal workforce
• Strong leadership, strategic thinking, and large-scale planning abilities.
• Strong interpersonal and communication skills with the ability to simplify complex information security topics and influence at all levels of the organization
• Excellent problems solving abilities and analytical skills
• Ability to organize, prioritize, and lead multiple deliverables simultaneously across a large highly matrixed, global corporate environment.
• Ability to understand not only emerging industry trends as far as cyber security is concerned, but also the landscape of emerging threats, making appropriate adjustments within the operations.

Education:

• University degree (Master’s degree preferred) or equivalent experience in IT
• Professional certifications, such as CISSP/CISM/CISA/CSSLP, or relevant security certifications from AWS/Google/Azure/SANS

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Primary Location:

------------------------------------------------------

Primary Location Full Time Salary Range:

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

------------------------------------------------------

Most Relevant Skills

------------------------------------------------------

Other Relevant Skills

------------------------------------------------------

Anticipated Posting Close Date:

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.