Operational Risk Officer - VP Technology Risk
The Operational Risk Officer is a strategic professional who stays abreast of developments within own field and contributes to directional strategy by considering their application in own job and the business. Recognized technical authority for an area within the business. Requires basic commercial awareness. There are typically multiple people within the business that provide the same level of subject matter expertise. Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers. Significant impact on the area through complex deliverables. Provides advice and counsel related to the technology or operations of the business. Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function/job family.
- Establishes and oversees the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.
- Working with colleagues in ORM, as well as technology, business and other control functions, the Operational Risk Officer is expected to contribute to the Oversight of Technology and IT Risks, the Manager’s Control Assessment (MCA), Key Technology Operational Risks and related indicators and thresholds, Challenge of technology Risk Self Assessments, Issue management, oversight and escalation
- Independently assess’ risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices.
- Governance and oversight may include (not limited to) technology operational risk, risk for example.
- Serves as a subject matter expert for Issues Management (KPI/KRI/Corrective Action Plans)
- Monitors goals are met through performance, risk and relationship oversight of our extended supply chain
- Develops and maintains relationships across the business users and Lines of Defense to better understand and deliver customer requirements by responding to changes in the internal and external business environment
- Has the ability to operate with a limited level of direct supervision.
- Can exercise independence of judgement and autonomy.
- Acts as SME to senior stakeholders and /or other team members.
- Support his/her management in evaluating the design of process flows to help technology/IT and business managers understand the impact of control weaknesses to their technology service delivery capability.
- Provide support in the review and challenge to assess whether EIO&T Entities business/regional entities appropriately consider significant technology risk in their Management Control Assessments (MCAs).
- Analyzes a multitude of technology scorecards/performance management tools in an attempt to mitigate exposure (risk/financial/regulatory)
- Produce reports to help evaluate the extent to which technology managers can demonstrate they are in compliance with internal and external technology control standards, as well as regulatory and audit requirements.
- Advise his/her management on continuous monitoring and control test methods, and evaluate technology metrics in support of the Technology Risk Appetite Statement.
- Provide leadership in risk identification, and risk mitigation strategies in the domain of technology management.
- Engage technology managers to identify key technology control indicators and maintain effective and efficient continuous control monitoring processes.
The Operational Risk Officer will be an acknowledged thought leader in technology risk management with a minimum of 6-10 years’ experience in IT, and at least 2 years of hands-on technical experience in IT management, controls and/or information security within globally complex, dispersed and diverse organizations.
The ideal candidate will have in-depth knowledge of Technology Risk Management, Operations and Information Security practices, both poor and best.
Project management experiences a plus.
More specific proven experience, knowledge and skills that are desirable are outlined below:
• Experience with enterprise technology architecture as a holistic structure that includes people, process, and technology components combined to achieve business goals for automation.
• Knowledge with technology infrastructure components such as Networking, Mobile Applications, Banking applications and database management systems.
• Some Knowledge of Cloud security architecture, Policy Enforcement Tools, and Segregation of Duties for Change Control, Federated Identity, and Toxic Combinations.
• Working Knowledge of full system, software, and security development lifecycle, including abuse and misuse cases within development and testing specifically within the financial industry.
• Strong analytical and problem-solving skills
Strong Leadership Skills:
• The role is global, and the incumbent must be proactive and capable of leading solutions to global issues with others in different regions and time zones. May require attending virtual meetings in LATAM, EMEA and Asia Pacific.
• The successful candidate will need to be a hands-on and self-starter who can execute on the directions given by their management
Project Management Skills:
• Strong planning, organization and time management experience that is strategically oriented, and an innovative thinker.
• Able to collaboratively manage initiatives that span multiple geographic locations and time zones.
Client Relationships/Business Partnerships:
• Builds partnerships across functions and regions; collaborates well with others.
• Networks regularly and builds relationships across Risk disciplines and with businesses, operations and technology
Excellent Communication Skills:
• Both verbal and written.
• Ability to interact with and influence people/groups of widely varying disciplines and backgrounds.
• Ability and confidence to exercise influence over a wide range of individuals at all levels of technical & business leadership.
• Experienced in using active listening techniques on a consistent basis.
Strong Presentation skills:
• Comfortable with public speaking across various forums and be able to effectively and logically communicate when ideas are being challenged in an open forum.
• Comfortable interacting directly with ORM executive leadership, including in a high stress environment.
- Bachelor’s/University degree, Master’s degree preferred
Job Family Group:Risk Management
Job Family:Operational Risk
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the EEO Policy Statement.
View the Pay Transparency Posting
Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.
Junte-se ao nosso diverso
time com +
Funcionários voltados para o bem-estar social fazem voluntariado em comunidades em 90 países
Oportunidades de carreira significativas, graças à presença física em mais de 95 mercados
Promovemos uma cultura que acolhe todos os indivíduos e incentiva perspectivas diversas, onde você pode causar impacto e desenvolver sua carreira. No Citi, valorizamos colegas que demonstram altos padrões profissionais, forte senso de integridade e generosidade, curiosidade intelectual e precisão. Reconhecemos a importância de assumir sua carreira, com o compromisso de que, se você fizer, prometemos ir além para que você alcance seu objetivo.
Você não tem empregos salvos
Vagas visualizadas anteriormente
Você não viu nenhum trabalho