Come and join our newly established Cyber Risk Team in Warsaw!

The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses or regulatory breaches. TCCORO provides the specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscience of the bank. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.

You as Senior Analyst - Technology Risk is a developing professional who stays abreast of developments within own field and contributes to directional strategy by considering their application in own job and the business. Recognized technical authority for an area within the business. Requires basic commercial awareness. There are typically multiple people within the business that provide the same level of subject matter expertise. Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers. Significant impact on the area through complex deliverables. Provides advice and counsel related to the technology or operations of the business. Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function/job family

What you will do:

• Supports the review of compliance and technology policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from technology risks.

• Assesses technology risks and evaluates actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices.

• Supports independent assurance activities to assess areas of concern including substantive and controls testing.

• Supports the monitoring, evaluation, and challenge of Key Risks and associated Key Risk Indicators triggers and thresholds.

• Reviews potential risks associated with program/project delivery on a technical level.

• Participates in various second line of defensetechnology assessments including risk assessments, control assessments, maturity assessments etc.

• Assesses technology risks associated with new initiatives and programs being proposed for implementation.

• Supports the challenge of the design, adequacy and strength of the control environment associated to technology and cyber and recommends actions to ensure the operational risk profile is in line with the technology risk appetite.  

• Assists ad-hoc activities for the TCCORO organization, including but not limited to: researching and drafting materials for presentations of deep dives into selected topics, coordinating deliverables related to audits and examinations, and maintaining associated data for executive reporting.

   Your profile:​

• 5-8 years of relevant experience.

• Bachelor’s/University degree or equivalent experience.

• Experience in technology risk assessments, metrics, enterprise technology services, risks, and controls within globally complex, dispersed and diverse organizations.

• Understanding of technology risks and controls across various information system architecture and engineering domains including: data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management; preferred expertisein  governance, risk and compliance.

• Knowledge and understanding of industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of technology risk mitigation strategies.

• Excellent written and verbal communication skills.

• Relevant certifications in CISM, CRISC, CISSP, and/or CISA a plus .

• Must be a self-starter, flexible, innovative, and adaptive.

• Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization.

• Ability to work collaboratively with regional and global partners in other functional units; and to navigate a complex organization.

• Excellent project management and organizational skills and capability to handle multiple projects at one time.

• Proficient in MS Office applications (Excel, Word, PowerPoint).  

What we can offer you :

By joining Citi Solutions Center Poland, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed) and enjoy a whole host of additional benefits such as:

• Private Medical Care Program

• Life Insurance Program

• Pension Plan contribution (PPE Program)

• Employee Assistance Program

• Paid Parental Leave Program (maternity and paternity leave)

• Sport Card

• Holidays Allowance

• Sport and team recreation activities

• Special offers and discounts for employees

• Access to an array of learning and development resources

• A discretional annual performance related bonus

• A chance to make a difference with various affinity networks and charity initiatives

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.

Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.

#LI-MM1

#LI-AH4

Job Family Group:

Risk Management

Job Family:

Operational Risk

Time Type:

Full time

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .

View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo_aa_policy.pdf) .

View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

Citi is an equal opportunity and affirmative action employer.

Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.