- Primary Location: United Kingdom,Northern Ireland,Belfast
- Education: Bachelor's Degree
- Job Function: Risk Management
- Schedule: Full-time
- Shift: Day Job
- Employee Status: Regular
- Travel Time: No
- Job ID: 19011327
A Technology Control Lead is required to assist in implementing and maintaining a cohesive, effective, efficient, coordinated, and consolidated controls governance model in support of ICG Technology. Working closely with a dynamic business in a large and diverse environment, you will:
- Responsible for establishing strong working relationships with Application Development, Information Security, Continuity of Business, as well as other Business/Operations/Infrastructure Risk Management teams.
- Provide assistance to application owners/management team to ensure Risk and Control issues and initiatives are addressed timely.
- Reviews escalations of dashboard deviations (Project Quality Control, Issue and CAP management, End of Vendor Support, Production Access Control, Vulnerability assessments, SDLC documentation compliance, Engagement Form submission, FID management, CoB tests of applications, entitlement reviews - EERS, DB compliance exceptions in FortiDB, SSH trust public key exceptions, Citi SSO, Export license, Employee Due Diligence reviews, Third Party management, and Cross Border Data Clearance) after evaluating preliminary assessments.
- Manage technology components of Internal and External audits. Assist development teams in responding to audit requests, perform review of work for completeness and accuracy as needed.
- Actively identify control deficiencies through technology self-assessment testing, risk and control initiatives, and BAU meetings/discussions. Monitor progress of corrective action plans.
- Work with the Risk and Control teams to analyze the latest program and project scorecards, preparing execute summary reports for IT management.
- Perform Managers Control Assessment (MCA) testing of IT General Controls. Analyze test results and open corrective action plans as needed. Identify emerging risks and prepare Quarterly Risk
- Assessment (QRA) documents to summarize overall MCA results.
- Be the coordinator’s backup of Issue management, Quality Control, Bi-weekly risk committee, Business risk committees, ISRP-SCO certifications, Technology Risk Assessment, and Regulatory Matrix subjects. Prepares executive and specialized reports accordingly.
- Works with SMEs of various Technology related processes to create documents for Senior Technology Managers focused on audit and regulatory readiness. Communication flows in one to one meetings as well as email messages.
- Collaborates with the CoB Coordinator to address supporting actions of Technology teams.
- Facilitate compliance with Citi policies, standards, and regulations.
- Perform and report on trend analysis; find opportunities for process improvements.
- Identify the need for and develops new and improved procedures and process control manuals.
- Proven success in a team environment. Understand technical solutions and their implications. Effective leadership and strong influence/negotiation skills.
- Schedules, hosts, and drives meetings with multiple levels of management requiring strong communication, influence skills, and diplomacy.
Knowledge / Experience:
- Experience performing IT Business Analysis, Project Management, or similar work required.
- Extensive years of experience in Audit, Information Security or Risk Management.
- Awareness and execution of the Risk and Control Self-Assessment (RCSA), Managers Control Assessment (MCA), or other technology self-assessment processes is an advantage.
- Knowledge of service management (ITIL) with previous working experience in process improvements is an advantage.
- Previous experience performing Internal and/or External Audit coordination is an advantage.
- Previous experience in Production Support and Application Development roles is an advantage.
- Industry certifications, such as CISA, CISSP, and PMP would be an advantage.
- Bachelor’s Degree Required.
- Excellent interpersonal, written, and verbal communication skills.
- Be able to handle pressure and prioritize within tight deadlines while maintaining total accuracy.
- Ability to influence others and quickly earn the confidence of others.
- High level of attention to detail.
- Self starter and able to work in a diverse, global environment.
- Ability to analyze large amounts of data, decipher items meaningful to the development unit covered, and determine corresponding risk.
- Ability to work as part of a team and also independently under own supervision.
- Possess the ability to develop and maintain good working relationships with various levels of management.
- Ability to coordinate/manage initiatives from end-to-end with minor supervision.
- Strong knowledge of Microsoft Office with Excel, Outlook, and PowerPoint skills.
- Strong affinity to manage Control practices demonstrating a pragmatic risk-based approach.
- Formulates and defines system scope and objectives for complex projects through research and fact-finding combined with an understanding of applicable business systems and industry standards.
- Consults with users and clients to resolve issues/problems through in-depth evaluation of business processes, systems and industry standards; takes personal responsibility in recommending solutions or resolving issues.
- Considers the business implications of the application of technology to the current business environment; identifies and communicates risks and impacts.
- Provides understanding of business analysis concepts and principles and a basic knowledge of concepts and principles in other technology areas.
- Applies comprehensive understanding of how multiple areas collectively integrate to contribute towards achieving business objectives.
- Provides evaluative discernment based on analysis of factual information in complicated and unique situations.
- Appreciates differences in style or perspective and uses differences to contribute to decisions or actions and organizational success.
- Communicates accurate and meaningful verbal and written information to the right people at the right time; listens and asks questions to ensure clarity and challenges effectively.
Exceptional candidates who do not meet these criteria may be considered for the role provided they have the necessary skills and experience.
Demonstrates an appreciation of a diverse workforce. Appreciates differences in style or perspective and uses differences to add value to decisions or actions and organisational success.
Citi is an Equal Opportunities Employer