MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious
2

Director - Public Cloud Services - Governance (Risk and Controls)

Location Bronxville, United States
Posted 29-September-2021
Description

Citi s Enterprise Infrastructure Operations & Technology organization (EIO&T) is driving an innovative Cloud First strategy that works to optimize the IT environment, reduce complexity, and implement high degrees of automation to enable more agile application delivery. We aim to give Citi businesses a competitive edge by leveraging cloud scale architectures and enabling new infrastructure economics. EIO&T operates as a technology company focused on implementing scalable and innovative next gen technology solutions that will shape the future of global banking.

Roles and Responsibilities

Operations

Identify risk(s) and implement corrective action plan to mitigate risk(s).Handle negotiations with IA and ORM, and with Policy Owners when more cloud-friendly policy changes need to be influenced.Advise engineers on application of policyMonitor processes to ensure they are designed with control in mind.Ensure controls are automated and sustainable for cloud scaleManage cross border clearance as needed (GCP, Snowflake, MongoDB Atlas, Confluent Kafka, Cloudability, etc.)Oversee records management and retention of records for Citi.continual assessment of Management Controls Assessment (MCA) Efficacy for Public CloudEducate and guide Application Teams on adopting best practices for MCA I Public CloudDevelop Compliance in Public Cloud training seriesPerform self-audits as a quality control function within Public Cloud TeamAutomate reporting capabilities for Compliance matters in Public Cloud

Strategic

Define the strategy for risk and governance planDrive the initiative of embedding compliance within Public Cloud space whilst actively consulting policies and engaging with engineering teams who have multiple concurrent domains such as compute, container, db, middleware, etc.Take ownership of negotiations and lead GCP from a risk perspective.Ensure controls are automated and sustainable for cloud scale.Advise and educate Application Teams on best practices for MCA I Public Cloud.Implement compliance in Public Cloud training series.Automate reporting capabilities for Compliance matters in Public Cloud.

Basic Qualifications

Undergraduate degree in related field or equivalent experienceExperience in risk management, compliance, or security in a large IT organizationExperience with heavily regulated industriesDemonstrated ability to influence change and common-sense approaches to modern risk challengesExperience in an influence management discipline such as project management or product managementExperience developing compliance documentation, user documentation, strategy documentation, white papers or project documentation (writing samples will be requested)Experience with senior management communications and influenceDemonstrable interest in Public Cloud risk identification and mitigationDemonstrated ability to accurately interpret legal and policy documentationExperience working with NIST, COBIT, ITIL, CSA, and/or ISO risk and ITSM frameworksFamiliarity with devops and SRE practicesStrong analytical skillsStrong collaboration and interpersonal skills

Preferred Qualifications

Risk certifications such as the CIA, CISSP, CISA, CRISC, CGEIT, CDPSE, etc.Certifications in Public Cloud such as AWS Certified Cloud Practitioner, or AWS Certified Security SpecialtyLegal experience or educationExperience with data privacy concernsExperience in modern microservices architectures and deploymentsExperience working in a distributed, cloud-based environment using Azure/AWS/GCP (Docker/Kubernetes)Experience with cloud infrastructure and data services (compute, storage, networking and others)Experience with Infrastructure as Code (IaC) practices and frameworksExperience working with cloud-based relational and NoSQL databases

-------------------------------------------------

Job Family Group:

Technology

-------------------------------------------------

Job Family:

Systems & Engineering

------------------------------------------------------

Time Type:

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ('Citi ) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .

View the ' EEO is the Law ' poster. View the EEO is the Law Supplement .

View the EEO Policy Statement .

View the Pay Transparency Posting

Related Posts:

 
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url