Technical Information Security Officer is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.
- Works with the business to interpret and translate specific IS business program requirements into technical requirements.
- In partnership with Application Managers, works to ensure that specified Citi technical IS controls are properly embedded in applications and that the remediation of identified non-compliance issues are documented and/or addressed.
- Manages IS risk during the development of new products and applications, ensuring that risks are mitigated during the development process; e.g. ID/password, encryption, system configuration, access, and administration. Executes the Information Security Review Process (ISRP).
- Through Information Security Review Process (ISRP) and Business Impact Analysis (BIA) process, works with the Information Security Officers and Application Managers to ensure that business(es)’ applications deployed are appropriately protecting the confidentiality, integrity, and availability of information that are stored and processed.
- Works with the technology group to support and complete the application/infrastructure review process;
- Demonstrates familiarity with technological controls such as encryption, IDS/IPS, and secure server and desktop configurations.
- Assists with IS related activities during systems development and deployment; e.g. authentication, encryption.
- Ensures issues identified through penetration testing and vulnerability assessments are managed for bank applications and infrastructure.
- Facilitates the implementation of approved tools and identifies innovative enhanced security solutions / emerging technologies (identity management, access control, confidentiality and security administration) for engineering review and certification.
- Engages other security specialists, engineering team or subject matter experts when additional business knowledge is required.
- Bachelor’s degree/University degree or equivalent experience
- 5-8 years of relevant experience
- industry recognized certification (CISSP, CISA, CISM) will be additional advantage
- Consistently demonstrates clear and concise written and verbal communication in Polish and English
- Proven influencing and relationship management skills
- Proven analytical skills
What we offer:
- Work in a team of experts openly sharing their knowledge;
- Professional development experience through work in one of the top international banking institutions;
- Stable employment and opportunity to grow both within the Bank and internationally at Citi;
- Rich social package (such as: medical care, fitness card, life insurance, pension plan).