NewYorkRecruiter Since 2001
the smart solution for New York jobs

Operational Risk - Cyber Risk Security Architecture SVP

Company: Citi
Location: New York
Posted on: November 26, 2022

Job Description:


The Operational Risk Management (ORM) Group at Citi is the firms reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational risks while promoting the implementation of actions to address root causes, which may lead to unintended operational losses. The ORM TCRO (Tech and Cyber Risk Office) team provides the specialist subject matter experts to challenge the technology and cyber risk entities across the firm. We are the technology and cyber conscience of the bank. In line with the ORM framework, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated and aligned with our risk appetite.


The Enterprise Tech/Cyber Architecture and Engineering Risk group within TCRO is responsible to influence, challenge, and provide oversight to Enterprise Tech and Cyber Architecture and Engineering/

The Operational Risk - Cyber Risk SVP is part of the Second Line function providing oversight including influencing and challenging the First Line and the businesses on cyber related risks. Oversight areas include, but are not limited to, governance, identification of risks, developing remediation strategies, and influencing the strategy and execution of the program. This position will be actively working with the ORM Business and Regional teams to provide subject matter expertise and align the oversight and challenge activities with the components of the operational risk management framework.

Primary Objective

The objective of the Operational Risk - Cyber Risk SVP is to reduce operational losses while enabling the objectives of the program at Citi, through challenge, influence, and advisory on initiatives in firm regarding cyber security.

The role will be responsible for building engagement with key stakeholders, anticipating, challenging, and mitigating risks that could affect business objectives.

Review of cyber programs and solutions for the associated risks and controls to challenge their appropriateness and effectiveness.

Review, influence, and challenge Security Architecture standards, principles, execution, and metrics.

Provide technical advisory and oversight with respect to the development and execution of the First Line security architecture.

Review the enterprise Information Security standards and procedures to provide oversight, influence, and challenge on their effectiveness, alignment to industry standards.

Influence and challenge existing and evolving/emerging enterprise cyber risks

Conduct risk reviews to identify cyber risks including but not limited to security architecture; determine effectiveness of enterprise cyber standards, measured view of risks and controls.

Engagement across broader cyber functions to oversee alignment of roadmaps and plans.

Provide thought leadership on cyber engineering and architecture, and best practices

Maintain and apply a broad and current industry perspective on cyber trends/opportunities, leading practices, and our position/capability/performance relative to direct competitors and parallel industries/organizations.


The candidate will have over 10 years of experience in technology/cyber risk, risk assessments, metrics, enterprise cyber services, risks and controls within globally complex, dispersed and diverse organizations.

More specific experience, knowledge and skills are outlined below:

Extensive experience in conducting cyber risk reviews

Strong knowledge/experience in security architecture standards and frameworks

Evaluating security architecture programs to embed security

Assessing or implementing security architecture programs

Understanding of industry standards including NIST, CRI, MITRE, COBIT etc.

Understanding of security architecture frameworks including SABSA, TOGAF etc.

Threat Modelling methodologies or frameworks including STRIDE, MITRE, OWASP etc.

Strong experience leading operational risk reviews including identification of potential issues, and coordination with various teams including leadership


--- Ability and confidence to exercise influence over a wide range of individuals at all levels of technical & business leadership.

--- Strong presentation skills: able to use data to tell a clear, compelling story

--- Strong analytical and problem-solving skills.

--- Comfortable interacting directly with technology executive leadership, including in a high stress environment.

--- Builds partnerships across functions and regions; collaborates well with others.


Job Family Group:

Risk Management -

Job Family:

Operational Risk

Time Type:

Full time

Primary Location:

New York New York United States

Primary Location Salary Range:

$164,310.00 - $246,460.00

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .

View the " EEO is the Law " poster. View the EEO is the Law Supplement .

View the EEO Policy Statement .

View the Pay Transparency Posting


Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.

Keywords: Citi, New York , Operational Risk - Cyber Risk Security Architecture SVP, Other , New York, New York

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest New York jobs by following @recnetNY on Twitter!

New York RSS job feeds