Third Party Information Security Assessor
hace 1 semana
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests.
As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company.
Our technology solutions are the foundations of everything we do.
We keep the bank safe and provide the technical tools our workers need to be successful.
We design our digital architecture and ensure our platforms provide a first-class customer experience.
Our operations teams manage risk, resources, and program management.
We focus on enterprise resiliency and business continuity.
We develop, coordinate, and execute strategic operational plans.
Essentially, Enterprise Operations & Technology re-engineers client and partner processes to deliver excellence through secure, reliable, and controlled services.
Trust is part of our DNA at Citi.
As such, we take safeguarding our customer data very seriously.
The Chief Information Security Office (CISO) is made up of deeply dedicated and talented colleagues who work together to ensure the safety of Citi's and our clients' assets and information.
We manage information security as an end-to-end program - one with a clear mandate and accountability.
Our mission is to continually execute and enhance a global security program that is fully anchored to modern control and security frameworks, fully aligned with the technology of the firm, threat-focused and data-driven, and deeply integrated across all Citi businesses globally.
Being talent-driven, we are focused on attracting, developing, and retaining diverse and inclusive talent with a high technical skill level.
As a member of our team we will provide you with career development opportunities at all stages of your career.
Our employees model a passion for protecting Citi and our clients and believe in treating others with dignity and respect.
Third Party Information Security Assessor
**Description**:
The Third Party Information Security Assessor performs detailed examinations of Citi's North America suppliers' information security practices and controls.
IS Assessor responsibility is to confirm supplier adherence to the same high information security standards to which Citi holds itself accountable and to identify & communicate information security risks related to our customer and business sensitive information.
In accordance with Citi's established Third Party Information Security Assessment (TPISA) process and framework, the essential duties are as follows.
- Coordinate with TPISA stakeholders to initiate, scope and plan controls assessments of new and existing suppliers.
- Perform assessments remotely via conference calls or, in very limited cases, on-site at supplier locations.
- Obtain and review supplier responses and supporting documentation to validate supplier appropriate implementation of information security controls.
Analyze the information to identify information security weaknesses or non-compliance with Citi standards.
- Produce detailed documentation of assessments and perform threat analyses of gaps identified.
- Communicate supplier information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
**Qualifications**:
- Industry certification such as CISSP, CISA or CISM required.
- 6+ years experience in a similar IT Audit, Assessor, or Information Security Officer role.
- Excellent technical and/or IT audit background in/practical knowledge of a wide variety of technologies.
Technologies include server infrastructure & operating systems, network & web infrastructures, database architecture and intrusion detection/prevention systems.
- Self-starter with the ability to manage and prioritize responsibilities through the effective use of time management techniques.
- Team player with proven skills in influencing people without having direct management authority and motivating them to successfully complete tasks within required timelines.
- Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately.
- Exemplary ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person.
- Excellent risk analysis and problem solving skills.
- Must be flexible to ensure assessments are performed by the mandated compliance date and be able to manage multiple assessments simultaneously.
**Critical competencies**:
- Must be able to communicate fluently in English
**Education**
- Bachelor's Degree (in Technology, Information Security or related major), or equivalent work experience.
- **Job Family Group**:
Technology
- **Job Family**:
Information Security
-
Third Party Information Security Assessor
hace 3 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoAs a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests.As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company.Our...
-
Citi Third Party Information Security Assessor
hace 2 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoCiti's commitment to information security is unwavering, and we take great care in ensuring that our suppliers meet the same high standards of security as we do. As a Third Party Information Security Assessor, you will play a critical role in upholding this commitment by conducting thorough examinations of our North America suppliers' information security...
-
Third Party Risk Assessor
hace 1 semana
San Francisco, Heredia, Costa Rica Citi A tiempo completoCiti's Enterprise Operations & Technology teams deliver technology solutions that enable the bank's operations. As a Third Party Information Security Assessor, you will contribute to the delivery of a secure and reliable services.The Chief Information Security Office (CISO) executes a global security program anchored to modern control and security...
-
Third Party Risk Assessor
hace 1 semana
San Francisco, Heredia, Costa Rica Citi A tiempo completoCiti, a leading global financial institution, requires a skilled Third Party Information Security Assessor to join its team. This critical role involves performing thorough examinations of Citi's North America suppliers' information security practices and controls to ensure adherence to high standards.The successful candidate will analyze information...
-
Third Party Cybersecurity Assessor
hace 6 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoAbout Our TeamCiti's Chief Information Security Office (CISO) is comprised of dedicated and talented colleagues working together to ensure the safety of Citi's and our clients' assets and information. We are committed to managing information security as an end-to-end program with clear mandates and accountability.Job DescriptionThe Third Party Information...
-
Information Security Governance Specialist
hace 3 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoCiti's Enterprise Operations & Technology team is committed to delivering secure, reliable, and controlled services to our clients. As a key member of this team, the Third Party Information Security Assessor plays a vital role in ensuring that our suppliers meet the highest standards of information security.About the Role:The Third Party Information Security...
-
Third Party Information Security Expert
hace 2 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoJob DescriptionThis is a critical role within the Third Party Information Security (TPISA) Program team at Citi. As a Senior IS Professional, you will be responsible for assessing, managing, and mitigating information security risks related to the bank's use of third-party vendors.The ideal candidate will have a strong background in information security and...
-
Information Security Auditor
hace 1 semana
San Francisco, Heredia, Costa Rica Citi A tiempo completoCiti's Enterprise Operations & Technology teams drive the delivery of technology solutions that support the bank's operations. As a Third Party Information Security Assessor, you will be part of a team dedicated to ensuring the security of Citi's and our clients' assets and information.The Chief Information Security Office (CISO) is responsible for executing...
-
Information Security Specialist
hace 1 semana
San Francisco, Heredia, Costa Rica Citi A tiempo completoCiti, a bank with a brain and a soul, creates economic value that is systemically responsible and in the best interests of our clients. Our Enterprise Operations & Technology teams are charged with a mission to design, develop, and execute strategic operational plans.As a financial institution that touches every region of the world and every sector that...
-
Senior Third Party Information Security Analyst
hace 2 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoAbout the RoleThis exciting opportunity is part of the global Third Party Information Security (TPISA) Program at Citi. The successful candidate will focus on activities to assess, manage, and mitigate information security risks associated with the bank's use of third parties.Key responsibilities include:Conducting assessments and developing mitigation...
-
Security Risk Consultant
hace 3 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoAs a global financial institution, Citi plays a crucial role in maintaining the security and integrity of our clients' information. The Third Party Information Security Assessor is a key position within our Enterprise Operations & Technology team, responsible for ensuring that our suppliers meet the same high standards of information security as we do.Job...
-
Information Security Risk Manager
hace 6 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoAbout This RoleWe are seeking a skilled Information Security Risk Manager to join our team at Citi. As a key member of our Enterprise Operations & Technology group, you will play a crucial role in ensuring the safety and security of our customer data.Job SummaryThe Third Party Information Security Assessor performs detailed examinations of Citi's North...
-
Third Party Info Security Specialist
hace 2 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoThis is a Third Party IS Assessment (TPISA) Analyst role where the individual will work closely with the TPISA Program management team and other stakeholders to address questions and requests related to the Third Party Information Security Assessment process.**Responsibilities**:- Individually contribute, lead or participate as a team member on projects, as...
-
San Francisco, Heredia, Costa Rica Citi A tiempo completoRole OverviewThe Third Party Information Security (TPISA) Program at Citi is seeking a highly skilled IS Professional to join our team. As a member of the global TPISA Program team, you will be responsible for assessing, managing, and mitigating information security risks related to the bank's use of third-party vendors.Key responsibilities include:Assessing...
-
Enterprise Security Specialist
hace 1 semana
San Francisco, Heredia, Costa Rica Citi A tiempo completoCiti's Enterprise Operations & Technology teams are responsible for delivering technology solutions that underpin the bank's operations. As a Third Party Information Security Assessor, you will play a critical role in ensuring the safety of Citi's and our clients' assets and information.The Chief Information Security Office (CISO) is dedicated to executing...
-
Third Party Onboarding Project Coordinator
hace 2 semanas
San Francisco, Heredia, Costa Rica Citi A tiempo completo**Job Description:**We are looking for a Third Party Onboarding Project Coordinator who can facilitate the escalation of high-risk Third Party incidents or perpetual performance failures affecting compliance to Citi's Information Security Standards. The ideal candidate will have experience working across a diverse set of stakeholders with positive...
-
Cybersecurity Compliance Expert
hace 1 semana
San Francisco, Heredia, Costa Rica Citi A tiempo completoAt Citi, we take pride in managing information security as an end-to-end program with clear mandate and accountability. We are now seeking a talented Third Party Information Security Assessor to join our team and contribute to our mission.This critical role involves performing thorough examinations of Citi's North America suppliers' information security...
-
Senior Information Security Controls Assessor
hace 2 semanas
San Francisco, Heredia, Costa Rica Experian A tiempo completoJob DescriptionAs a Senior Control Assurance Assessor, you'll test security controls both on-premise and in the cloud to ensure design implementation, safeguarding Experian's assets.You'll assess control design, performance, and compliance with standards and regulations, reporting to the Information Security Control Assurance Testing Manager.Identifying...
-
Third-Party Risk Manager
hace 1 semana
San Francisco, Heredia, Costa Rica Citi A tiempo completoThird-Party Risk Management Role:Citi is seeking a Third-Party Risk Manager to join our team. This role will be responsible for executing third-party risk management activities, ensuring that all items are handled in a controlled and compliant manner. The ideal candidate will have a clear understanding of Citi's policies and procedures impacting third-party...
-
Third Party Compliance Officer
hace 3 días
San Francisco, Heredia, Costa Rica Citi A tiempo completoCiti is seeking a highly skilled Third Party Compliance Officer to join our team. The successful candidate will be responsible for ensuring that all third-party management activities are executed in compliance with Citi's policies and procedures.Key Responsibilities:Perform pre-contract due diligence and post-contract ongoing monitoring activities based on...
