Technical Information Security Officer (TISO) – GCG (AVP) - Citi - Irving, TX

Primary Location: United States,Texas,Irving Other Location: United States,Florida,Jacksonville Education: Bachelor's Degree Job Function: Technology Schedule: Full-time Shift: Day Job Employee Status: Regular Travel Time: No Job ID: 18059651
Job Description: The Technical Information Security Officer (TISO) will work with their peers, application managers, and the system development areas to ensure proper technology risk considerations are addressed at each phase of the system development life cycle and provide proactive solutions to correct exposures or mitigate risk.
The TISO will Interpret security standards, procedures, and guidelines for multiple platforms and diverse environments (e.g. Internet, cloud, client server, distributed, mainframe, mobile, etc.) in designing solutions, recommending enhancements or defining mitigating controls to existing systems. The individual must demonstrate an understanding of application security and will exercise judgment within existing practices and policies.
This position can be filled in or Irving, TX or Jacksonville, FL.
Other Responsibilities Include:Perform periodic security reviews on assigned applications according to Security Policy and Practices established by Citigroup to ensure all requirements are met.Be the primary security officer responsible for providing security development and testing requirements to the project teams on multiple, simultaneous, agile and waterfall projects.Implement security solutions according to Security Policy and Practices established by Citigroup.Work with IT to develop processes and procedures to ensure information security policies and standards are integrated with the organization’s applications.Define application security controls leveraging technical knowledge and problem solving skills in accordance with the secure SDLC process.Promote awareness of current policies and standards, as well as revisions and developments; provide consistent interpretation of policy to IT.Build and maintain relationship with IT to increase IS awareness within the development environments.Interfaces with the business where technical IS solutions are required and advises on the impact to the bottom line while still satisfying business objectives.Establishes and maintains relationships with domain architects, project managers, and others within the technology development unit.Manage external Vendor Business/IT service providers/consultants to adhere to Citi Security Policy and Standards.Manages risk by analyzing the root cause of issues, impact to technology and required corrective actions leveraging advanced analytical skills.Schedules, hosts, and drives meetings with multiple levels of technology management requiring strong communication, influence, and diplomacy skills to ensure that secure development procedures are addressed.Ability to periodically work across different time zones and areas.
About Citi: Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.
Citi’s Mission and Value Proposition explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients’ and the public’s trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.
Qualifications:Bachelor's Degree or equivalent work experience.2+ years of Information Security Risk Management experience.Security Certification preferred (e.g. CISSP, CSSLP, CCSP) or plan to obtain.Knowledge in the web application security areas related to but not limited to Cloud technologies, API & MicroService architecture, Restful web services, JSON, XML, SOAP, Java, TLS, OAuth, Firewalls, Load balancers, PKI, Network Security, Service management, industry regulations, OWASP knowledge.Knowledge of cloud products offered by major Cloud Service Providers including Amazon Web Services, and Microsoft Azure and Google Cloud Platform.Knowledge in Pivotal Cloud Foundry technologies helpful.Experience with Threat Modeling techniques and Risk Assessment techniques.Background in application security assurance, application vulnerability assessments, and software security.Experience protecting sensitive data in transit and in storage using encryption.Knowledge of regulatory requirements regarding privacy—including GDPR and cross-border data movement.Good project management and analytical skills with the ability to manage multiple priorities within targeted time-frames.Experience in secure SDLC, both Waterfall and particularly Agile development methodologies.Excellent written and verbal communication skills with the ability to effectively communicate with all levels.Ability to build and maintain positive working relationships across project and control teams.Experience working under minimal supervision from management with a strong commitment to team participation.Strong risk management and risk articulation skills.Leadership skills and ability to work with and influence developers, development managers, project managers, technology peers, business contacts and our Vendors is required.Strong technical aptitude with a specialization in design, implementation and review of application information security architecture, engineering and/or process.

Expired, click here to search for relevant jobs

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.