Citigroup Hiring for Assistant Vice President – EMEA Operations & Technology Risk & Control at Mumbai, India Full Time

The Business Risk and Control Manager is required to manage, implement and maintain a cohesive, effective, efficient, coordinated, and consolidated controls governance model in support of Institutional Client Groups (ICG) Technology. Working closely with a dynamic business in a large and diverse environment, you will be:

Responsibilities:

• Responsible for establishing strong working relationships with Application Development and Support teams, Information Security, Continuity of Business, as well as other Business/Operations/Infrastructure Risk Management teams.

• Coordinate Business As Usual (BAU) activities, overseeing Risk and Control activities. Provide assistance to application owners/management team to ensure Risk and Control issues and initiatives are addressed timely.

• Coordinate technology components of Internal and External audits, Compliance Assurance functions from time to time. Assist development teams in responding to audit and compliance review requests, perform review of results for completeness and accuracy as needed.

• Participates in the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.

• Coordinates end to end MCA (Managers Control Assessment) process through the interaction of multiple levels of management as well as global risk and control teams. Facilitates the effective management of technology risk. Works with Technology managers to define and create Controls for their area. Monitors risk mitigation and oversight processes. Keeps Senior Technology Leaders aware of control activities.

• Evaluates the control environment by ensuring appropriate controls are in place. Identify control deficiencies through technology self-assessment testing, risk and control initiatives, and BAU meetings/discussions. Monitor progress of corrective action plans.

• Coordinates work with SMEs of various Technology related processes to create documents for Senior Technology Managers focused on audit and regulatory readiness perspective. Oversight on the communication flow in one to one meetings and email messages to ensure senior managers receive awareness and initiate corrective actions.

• Coordinates Issue and CAP (Corrective Action Plan) management process, identifying root causes, impacts to business, and corrective actions.

• Work with the Risk and Control teams to analyze the latest program and project scorecards, preparing executive summary reports for IT management and providing the updates on the technology risk appetite across the basket of applications covered as part of various partner forums and meetings.

• Facilitate compliance with Citi policies, standards, and regulations specific to information technology requirements.

• Perform and report on trend analysis, determine opportunities for process improvements and perform thematic reviews or deep dive reviews as required.

• Analyzes emerging technology exceptions and supports Technology Managers on solution designs to mitigate business exposure by leveraging expert analytical and technical skills.

• Be the manager’s backup of Technology Forums and escalate major technology control exceptions to senior management.

• Develops open communication and collaborative interaction with Technology areas and multiple groups with influence in the development process.

• Possesses extensive experience in the application and integration of globally accepted technology standards and technology control solutions to identify opportunities for process improvement. Coordinates alignment of processes across regions, where possible.

• Schedules, hosts, and drives meetings with multiple levels of management, requiring strong communication, influence skills, and diplomacy.

• May coach/motivate staff; manages performance; makes compensation decisions; ensures staff career development. Address training and development needs for assigned personnel.

Qualifications:

• 5-8 years of experience in Audit, Information Security or Risk Management.

• Awareness and execution of the Risk and Control Self-Assessment (RCSA), Managers Control Assessment (MCA), or other technology self-assessment processes is an advantage.

• Knowledge of service management (ITIL) with previous working experience in process improvements is an advantage.

• Experience and knowledge in industry recognized frameworks like COSO-IF, COBIT etc for addressing control requirements within an organization

• Experience in the application and integration of globally accepted Technology Controls standards.

• Previous experience performing Internal and/or External Audit coordination is an advantage.

• Previous experience in Production Support and Application Development roles is an advantage.

• Industry certifications, such as CISA, CISSP, CRISC and PMP would be an advantage.

Skills :

• Good interpersonal, written, and verbal communication skills

• Good organizational skills, ability to work under pressure and prioritize within tight deadlines while maintaining total accuracy.

• Ability to influence others and quickly earn the confidence of others.

• High level of attention to detail.

• Self-starter and able to work in a diverse, global environment.

• Ability to analyze large amounts of data, decipher items relevant to the development unit covered, and determine corresponding risk.

• Ability to work as part of a team and also independently under own supervision.

• Possess the ability to develop and maintain good working relationships with various levels of management.

• Ability to coordinate/manage initiatives from end-to-end with minor supervision.

• Strong knowledge of Microsoft Office with Excel, Outlook, and PowerPoint skills.

• Strong affinity to manage Control practices demonstrating a pragmatic risk-based approach.

Competencies :

• Formulates and defines systems scope and objectives for complex projects through research and fact-finding combined with an understanding of applicable business systems and industry standards.

• Consults with users and clients to solve issues/problems through in-depth evaluation of business processes, systems, and industry standards; recommends solutions on a pro-active front.

• Considers the business implications of the application of technology to the current business environment; identifies and communicates risks and impacts.

• Provides evaluative discernment based on analysis of factual information in complicated and unique situations.

Education:

• Bachelor’s/University degree or equivalent experience, Master’s degree preferred.

Job Family Group:

Risk Management

Job Family:

Business Risk & Control

Time Type:

Full time

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries (“Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .

View the “EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) ” poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo_aa_policy.pdf) .

View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

Citi is an equal opportunity and affirmative action employer.

Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.