CrawlJobs Logo

Senior Information Security Officer

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Turkey , Istanbul

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Senior Information Security Officer (ISO Sr. Analyst - AVP) is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Job Responsibility:

  • Address security issues identified in the various information security programs
  • Review and address issues identified within various Information Security (IS) programs and ensure all IS issues related to Internal Audit, and External Auditors are closed by their original target date
  • Improve the efficacy of governance processes by identifying risks, monitoring controls, and remediating issues
  • Establish cross-sector working relationships and complete weekly awareness discussions with local team to efficiently tackle security issues
  • Ensure risk exceptions are raised, registered and closed on a timely basis and communicate updates and changes to the global standards
  • Complete Risk Assessment process, including completing accurate inventory reporting, data classification, threat analysis, and action plans
  • Test and validate that the business complies with applicable IS requirements
  • develop and implement IS policies and procedures
  • Determine and validate appropriate level of controls are being implemented to safeguard sensitive data
  • Develop Corrective Action Plans for all Information Security-related gaps and approve all closures through reviewing evidence to ensure each closure meets Citi Requirements
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Has the ability to operate with a limited level of direct supervision
  • Can exercise independence of judgement and autonomy
  • Acts as SME to senior stakeholders and /or other team members
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency

Requirements:

  • 5-8 years of relevant experience
  • Strong knowledge of local regulations (BRSA) and cybersecurity principles
  • Proficient in interpreting and applying policies, standards and procedures
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Preferably holding IT/security certifications such as CISA, CISM, CISSP, CRISC, CEH or similar
  • Follows cybersecurity trends
  • Bachelor’s degree/University degree or equivalent experience

Additional Information:

Job Posted:
April 24, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Information Security Officer

Senior Information System Security Officer

We are seeking a highly skilled and mission-driven Senior Information Systems Se...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience)
  • 8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies
  • Strong working knowledge of: NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards
  • SAFe Agile environments and integrating security in Agile workflows
  • Networking, Linux/Windows system administration, and secure software development practices
  • Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender)
  • Experience in managing security documentation, participating in audits, and working with compliance frameworks
  • Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria
  • Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments
  • Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders
  • Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures
  • Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk)
  • Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities
  • Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts
  • Mentor junior ISSOs and analysts on security policies, best practices, and tool usage
  • Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Information Systems Security Officer

The Information Systems Security Officer (ISSO) is responsible for safeguarding ...
Location
Location
United States; Canada , Athens, Georgia; Atlanta, Georgia; Toronto, Ontario
Salary
Salary:
Not provided
docebo.com Logo
Docebo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in information systems security, with a focus on compliance with NIST and DoD guidelines
  • In-depth knowledge of FedRAMP, NIST SP 800-37, NIST SP 800-53, and DoD 8510.01 policies and procedures
  • Strong technical writing skills for developing SOPs, work instructions, and senior-level briefs
  • Proficient in risk and vulnerability assessment, security infrastructure design, and continuous monitoring
  • Prior experience on obtaining FedRamp ATO
Job Responsibility
Job Responsibility
  • Own the FedRAMP/DoD RMF authorization lifecycle for assigned systems (strategy → authorization → continuous monitoring → ATO maintenance)
  • Define and maintain the FedRAMP program governance model, roles & responsibilities (including Sponsor/Authorizing Official interactions)
  • Create, own, maintain, and version-control the System Security Plan (SSP), Security Assessment Report (SAR), continuous monitoring (ConMon) artifacts, POA&Ms, SSP annexes, and all ATO package deliverables
  • Build and run the ConMon program: define telemetry requirements, dashboards, vulnerability ingestion, thresholds, incident feed, and reporting cadence
  • Triage vulnerabilities, manage POA&Ms (track remediation owners, dates, residual risk), and ensure POA&M closure meets customer and FedRAMP expectations
  • Lead the selection, engagement, and technical coordination with 3PAOs and any external assessors. Ensure assessments, testing, and SAR content are accurate and timely
  • Evaluate security impact for architectural or operational changes (Security Impact Analysis), own risk acceptance processes, and coordinate Risk Acceptance with Sponsors/Authorizing Officials
  • Integrate change control with the ConMon program to ensure authorized/approved changes are documented and do not break control baselines
  • Act as the primary internal liaison across Product, Engineering, DevOps, Security, Sales, Legal, and Marketing for anything impacting the FedRAMP posture and ATO timelines. Drive working groups and weekly syncs
  • Support pre-sales and customer conversations on FedRAMP posture and timelines alongside Sales
What we offer
What we offer
  • Generous Vacation Policy, plus extra floating holidays to use for religious or cultural events that matter to you
  • Employee Share Purchase Plan
  • Career progression/internal mobility opportunities
  • Four employee resource groups to get involved with (the Docebo Women's Alliance, PRIDE, BIDOC, and Green Ambassadors)
  • WeWork partnership and “Work from Anywhere” program
  • Fulltime
Read More
Arrow Right

Senior Information Security Officer

In a world of technology, people make the difference. We believe if we invest in...
Location
Location
United States , Reston
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrates strong experience with IC/DoD customer's Assessment and Authorization (A&A) process (e.g., RMF, NIST800-53, ICD503)
  • Experience in developing and implementing DoD/DIA approved information security controls, procedures and documentation for the operation of standalone classified systems
  • A Bachelor’s Degree from an accredited institute in an area applicable to this position and eight (8) years of relevant experience
  • An additional four (4) years of relevant experience may be substituted for the bachelor’s degree
  • Must presently be 8570 compliant (IAT Level 2 preferred)
  • Experience with one or more commercial government cloud service provider’s system accreditation processes
  • Experience with the Xacta
  • Experience as a Cybersecurity Control Assessor
  • Experience with Ongoing Authorizations and Assessments
  • Experience with C2S Cloud, or DevOpsSec
Job Responsibility
Job Responsibility
  • Provide subject matter expertise and consulting on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures
  • Assist in overseeing and managing day-to-day operation of Information Systems
  • Optimize system operation and resource utilization and performs system capacity planning/analysis while maintaining the security posture
  • Assist team in DIA’s Authorization and Accreditation (A&A) process using RMF across the design lifecycle for classified systems obtaining and maintaining Interim Authority to Operate (ATO), ATO and Authority to Connect (ATC)
  • Create and process RMF authorization packages from submission to approval/disapproval
  • Develop and maintain IT security documents, including system security plans, risk assessments, Plan of Action and Milestones (POA&M), contingency plans, incident response plans, IT security policies and procedures
  • Provide recommendations regarding remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms)
  • Advise developers on integrating security requirements
  • Demonstrate a strong understanding of Networks, Cloud, and IT system security authorization procedures
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
Location
Location
United States , Washington
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of six (6) years of hands-on experience in cybersecurity and expert knowledge of Governance Risk and Compliance
  • At least three (3) years supporting and maintaining system authorizations for complex systems
  • Demonstrated expertise in the Risk Management Framework (RMF), NIST SP 800-53 Rev 5, and related federal cybersecurity policies
  • Extensive experience managing ATO/ATT processes, security control assessments, POA&M lifecycle, vulnerability management, and audit response
  • Strong leadership experience mentoring junior and mid-level ISSOs and interfacing with senior government leadership
  • Must possess at least two of the following active certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Information Systems Security Management Professional (ISSMP), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), CompTIA Security+, Project Management Professional (PMP)
  • Proficiency in tools such as JCAM, Tenable Nessus, BigFix and Splunk
  • Ability to develop, review, and present high-level security documentation and briefings
  • Strong understanding of cloud platforms (IaaS, PaaS, SaaS), supply chain risk management, and incident response procedures
Job Responsibility
Job Responsibility
  • Support the maintenance of security documentation and support system ATO and ATT efforts
  • Conduct security control assessments and provide recommendations for remediation
  • Perform biweekly audit log and vulnerability scan reviews and track POA&M items
  • Collaborate with system owners and technical teams to manage risk and respond to incident
  • Support Ongoing Authorization (OA) and continuous monitoring activities
  • Prepare and brief senior leadership on system security posture and compliance metric
  • Ensure alignment with cybersecurity policies and NIST SP 800-53, 800-37, and 800-137
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Information Security & OT Officer

Senior Information Security & OT Officer role at METLEN Energy & Metals, focusin...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
https://www.metlengroup.com Logo
Metlen Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information science, Information systems or a related scientific field
  • Master’s degree will be considered an asset
  • +5 years of experience in Information Security or Cybersecurity roles
  • Strong technical background in cybersecurity and OT security
  • Proven experience in managing information security in OT environments is a strong plus
  • Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
  • Strong knowledge of risk management methodologies and compliance frameworks
  • Excellent collaboration and communication skills for multi-site and cross-border coordination
Job Responsibility
Job Responsibility
  • Respond to audit requirements for all international sites including factories, energy plants, and solar fields
  • Participate in cyber incident response processes related to international and local industrial installations
  • Guide technical leaders and support information security compliance in Greek and international operations
  • Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
  • Participate in management committees to inform senior leadership on cyber risks and compliance issues
  • Work closely with international IT business partners on cybersecurity topics across the global footprint
What we offer
What we offer
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
  • Fulltime
Read More
Arrow Right

Information Security Administration Service Delivery Senior Analyst

The Identity and Access Management (IAM) Information Security Administration (IS...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years’ experience in an Information Security Administration environment (ISA provisioning, compliance reviews, incident/change management handling security engineering or related IS field) is desirable
  • Bachelor's degree or higher desired or the candidate should have proven equivalent work experience
  • Technical experience in security administration supporting a large user environment
  • Solid understanding of industry standard security practices desirable
  • knowledge of programming languages preferred
  • Spanish language (both verbal and written) is required
  • Good command of English language (both verbal and written)
  • Advanced proficiency with Microsoft Office tools and software
  • SSCP/CISSP/ITIL/PMP/Citi Lean certificate is an advantage
  • Be able to work independently and without any influence from manager
Job Responsibility
Job Responsibility
  • Provide customer service support and collaborate with other groups within the business and throughout Citi
  • Initiate process changes and improvements based on Lean methodology
  • Aid in guiding complex projects, utilizing pertinent tools and methodologies
  • Coach others, identifying development needs and resources to reach stretch capabilities
  • Able to handle simple thru complex, multi-tiered escalations, problems by utilizing key information security administration practices, policies and providing excellent customer service
  • Lead to resolve severity escalations and responsible for the team to identify root cause and create corrective action plan(s) as necessary
  • Create, track and complete Specific, Measurable, Achievable, Relevant, and Time-Bound (SMART) goals for projects and initiatives
  • Utilize complex Microsoft Office tools to create links between workflows with different formats
  • Advocate for change initiatives, and overcome resistance through an in-depth understanding of complex change theory
  • Communicate the need for change, involve stakeholders in the change process and apply change theory to complete successful adoption
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Chief Information Security Officer

The Chief Information Security Officer (CISO) is responsible for establishing an...
Location
Location
Romania , Bucharest
Salary
Salary:
Not provided
https://www.inetum.com Logo
Inetum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 10 years of experience in a combination of risk management, information security, and IT or operational development functions (at least five years in a senior management leadership role)
  • Proven experience in a senior information security role
  • Strong understanding of cybersecurity frameworks and best practices
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only 'dotted line' reporting lines exist
  • Ability to set up and develop a network
  • Relevant certifications (e.g., CISSP, CISM) are a plus
  • Proficient in English
Job Responsibility
Job Responsibility
  • Establish and maintain the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected
  • Lead the development and implementation of a comprehensive cybersecurity program, manage IT risk, and ensure compliance with regulatory requirements
  • Foster a collaborative environment and ensure effective communication across teams
  • Provide strong leadership and manage multiple missions simultaneously
  • Involve in strategic planning and make informed decisions to support the organization's goals
  • Define and promote the entity's cybersecurity governance, including cyber fraud, according to the group framework
  • Emphasize IT risk management and ensure the security of IT production
  • Work closely with the other teams to conduct entity-wide cybersecurity projects and provide expertise
  • Assist and manage cyber crises to minimize impact on the organization
  • Report on the entity's cybersecurity and IT risks to senior management and stakeholders
What we offer
What we offer
  • Full access to foreign language learning platform
  • Personalized access to tech learning platforms
  • Tailored workshops and trainings to sustain your growth
  • Medical subscription
  • Meal tickets
  • Monthly budget to allocate on flexible benefit platform
  • Access to 7 Card services
  • Wellbeing activities and gatherings
  • Fulltime
Read More
Arrow Right

Mid-Level Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of four (4) years of hands-on experience in cybersecurity
  • Knowledge of Governance Risk and Compliance with at least one (1) year maintaining an Authorization to Operate (ATO) for a moderate or high-impact federal information system
  • Strong working knowledge with Federal policies, program standards, and NIST Special Publications guidelines
  • Experience drafting, reviewing, and maintaining system security documentation
  • Proficient in using various security tools
  • Strong communication, written, and presentation skills
  • Provide support and mentorship for Tier I ISSOs
  • Familiarity with vulnerability scanning tools and interpreting results
  • Must possess at least one of the following certifications: CISSP, CISM, CGRC, CRISC, ISSMP, CISA, CCSP, CEH, CompTIA Security+, PMP
Job Responsibility
Job Responsibility
  • Support the maintenance of security documentation and support system ATO and ATT efforts
  • Conduct security control assessments and provide recommendations for remediation
  • Perform biweekly audit log and vulnerability scan reviews and track POA&M items
  • Collaborate with system owners and technical teams to manage risk and respond to incident
  • Support Ongoing Authorization (OA) and continuous monitoring activities
  • Prepare and brief senior leadership on system security posture and compliance metric
  • Ensure alignment with DOJ cybersecurity policies and NIST SP 800-53, 800-37, and 800-137
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Poland Jobs Germany Jobs Ireland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy