ISO Lead Analyst

• Support the implementation of the IS Training Plan, by verifying training participants completed the training and understand IS requirements
• Coordinate with cross-functional Operations and Technology (O&T) counterparts and teams to improve O&T risk oversight
• Provide recommendations on IS aspects of projects and assess/report Corrective Action Plans to improve IS programs and initiatives
• Escalate significant risks to the Regional/Sector IS Leadership for information or required actions
• Attend and participate in internal/external IS forums and risk committees when necessary
• Improve processes, by removing deficiencies and enhancing current tools that reduce an overall risk profile
• Ensure security practices/standards compliance and reduce security risks through enhancing controls and minimizing weaknesses in Citi’s applications portfolio
• Ensure audits are passed with a satisfactory audit rating for all IS topics
• Ensure non-compliant items are resolved through coordination with Business Manager and business staff
• Support the Global Information Security (GIS) policies, standards, and initiatives development and implementation
• Increase communication efficiency with cross-sector ISOs to resolve security issues that span multiple businesses
• Has the ability to operate with a limited level of direct supervision
• Can exercise independence of judgement and autonomy
• Acts as SME to senior stakeholders and /or other team members
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

• 6-10 years of relevant experience
• Proficient in interpreting and applying policies, standards and procedures
• Consistently demonstrates clear and concise written and verbal communication
• Proven influencing and relationship management skills
• Proven analytical skills
• Bachelor degree in IT, Computing, Cybersecurity, Computer Science or equivalent
• Professional certification in Information Security and/or Cybersecurity (e.g. ISO27001, CISSP, CISM, CISA, etc) desirable
• Fluent English skills (conversational and in writing), C1 or higher
• Technical knowledge and advanced proficiency in: Clould Environments, Operating Systems, Middleware, Web platforms, Databases, Programming Languages, APIs, Network, Hosting, etc
• Data analytics experience,supported by commercial software
• Strong presentation skills
• Experience on IT Security, Risk Management, Third Party Risk Management and Internal Control
• Knowledge of regulations and standards applicable in Financial sector in Mexico (e.g. BANXICO, CNBV, etc).

• Professional certification in Information Security and/or Cybersecurity (e.g. ISO27001, CISSP, CISM, CISA, etc) desirable
• Knowledge of regulations and standards applicable in Financial sector in Mexico (e.g. BANXICO, CNBV, etc).

Hybrid role requiring office presence at least 3 days per week.