Business Information Security Analyst – LATAM
Citigroup Inc
Costa Rica,
hace 15 días


Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions.

Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.

Citi’s mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress.

To do so, we must operate with integrity and accountability. Key to this mandate is operating as an intelligence-led, learning organization with robust information security (IS) standards.

The Business Information Security Analyst is required to support the analytic requirements of LATAM Business Information Security Officers (BISOs).

It includes monitoring of Key Risk Indicators, data trending and analysis, assessing the overall effectiveness of IS Programs, track the status of issues and corrective action plans, identifying emerging and evolving risks, and assessing compliance against Citi Information Security Standards and regulatory requirements.

Working closely with BISOs and businesses in a large enterprise environment, the candidate will :

  • Establish strong working relationships with Application Development, Information Security Officers (BISOs and TISOs), Risk and Compliance Officers and Global Information Security Program teams, as well as other Business / Operations / Infrastructure Risk Management teams
  • Actively support the execution of the IS program and other plans developed by the Business or as applicable.
  • Proactively identify control deficiencies through self-assessment testing, risk and control initiatives, and understand business risk tolerance in order to identify solutions and provide guidance.
  • Strong working knowledge related to Governance, Controls, Development and Monitoring.
  • Report IS issues / risks to the Business as applicable with appropriate documentation and supports the response to security events.
  • Determine the appropriate levels of controls to safeguard sensitive data and validate those controls are being implemented.
  • Coordinate Business As Usual (BAU) activities, overseeing reports to senior management (regular and ad-hoc). Provide assistance to application owners, process owners, third party owners and management team to ensure Information Security issues and initiatives are addressed timely
  • Analyze and follow up on open corrective action plans as needed
  • Work with the ISO, application, and reporting teams to analyze latest program and project scorecards, preparing execute summary reports for IS management
  • Perform and report on trend analysis, identifying opportunities for process improvements
  • Qualifications

  • Bachelor’s Degree or equivalent work experience- Experience performing IS / IT Business Analysis, Project Management or similar work required-
  • 3+ years of experience in Finance, Information Security, information Technology, Compliance or Risk Management- Awareness and execution of the Risk and Control Assessments.

  • Previous experience in producing management reports is an advantage- Excellent interpersonal, written and verbal communication skills-
  • Good organizational skills, ability to work under pressure and prioritize within tight deadlines while maintaining total accuracy-

    Ability to influence others and quickly earn the confidence of others- High level of attention to detail- Quick learner and able to work in diverse, global environment-

    Ability to analyze large amounts of data, decipher items relevant to the development unit covered, and determine corresponding risk-

    Ability to work as part of a team, and also independently under own supervision- Possess the ability to develop and maintain good working relationships with various levels of management-

    Ability to coordinate / manage initiatives from end-to-end with minor supervision.- Strong knowledge of Microsoft Office with Excel, Outlook, and PowerPoint skills-

    Strong affinity to manage Control practices demonstrating a pragmatic risk-based approach Specific Qualifications - Fluent in English and Spanish. Portuguese desirable.

  • ISO / IEC 27001 / 27002
  • Desirable at least 1 Certification related to Information Security (CISSP, CISA, CISM or equivalent), or the provision to obtain it within 12 months from the date of incorporation to the position.
  • Travel

    Step 2
    Añadir a los favoritos
    Eliminar de mis favoritos
    Mi Correo Electrónico
    Al hacer clic en la opción "Continuar", acepto que neuvoo recolecte y procese mis datos de conformidad con lo establecido en su Política de privacidad . Tengo derecho a darme de baja o retirar mi autorización en cualquier momento.
    Formulario de postulación