Brief Description of the Organization
Citi, the leading global financial services company, has some 200 million customer accounts and does business in more than 100 countries, providing consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, and wealth management. Additional information may be found at www.citigroup.com or www.citi.com.
IT Risk Management Analyst - SDLC
Organization & Background
Operations & Technology Risk Management’s (OTRM) primary functions are to support the identification, assessment, and management/mitigation of risk across O&T related to franchise, reputational, and operational risk. The Information Technology Risk Management function in OTRM is responsible for the implementation of a comprehensive IT Risk Management Framework.
We are seeking an experienced and accomplished Technology Risk Analyst, who will proactively influence Technology Risk Management practices. This candidate will analyze various sources of risks for technology domains. This individual should have a skills required include a broad knowledge of technology processes, prior experience analyzing a wide range of technology risks, proven ability to develop and foster relationships and excellent verbal and written communication.
Roles & Responsibilities:
•Synthesize data from risk events, errors, audits and regulatory reviews, KRIs and conceptualizes and proactively communicate key themes, trends and emerging issues to Senior Management.
•Analyze and categorize IT risks identified across all sources / processes
•Review and report risks/ communication with internal business / functional areas
•Assist in the design and implementation of a risk management framework as per Industry best practice.
•Provide input into Operational Risk processes and Regulatory Compliance processes.
Desired Candidate Profile:
•Prior involvement in key incidents/errors and the ability to synthesize data, conceptualize and get to the root cause of processes that created the risk.
•Proven ability to proactively recognize emerging issues and influence risk managers to recognize the risk.
•Strong understanding of technology and development life cycle processes (SDLC, technology operations, business continuity, etc)
•Extensive knowledge of Waterfall and Agile system development life cycle concepts with an ability to quickly learn a complex, distributed computing environment.
•Working knowledge of COBIT and ISO27001
•Preferred industry experience in IT Risk Management / Operational Risk
•Ability to analyse complex data from various sources, identify risks and provide solutions
•5+ years experience in IT Risk Management
•5+ years experience with SDLC
•Strong oral, written communication and negotiation skills
•Significant attention to detail
•Strong Office capabilities (expert in Excel & Powerpoint)
•Strong organizational skills
•Strong analytical skills
•Ability to execute work projects both locally and remotely
•Self- starter with ability to self- direct as needed and escalate as appropriate