Public Cloud Technology Controls Lead Analyst

Chennai, Tamil Nadu
Permanent
Full-time

8 days ago

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Cloud Technology Services teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.About Our Team:Within Citi's Technology & Business Enablement organization, two partner teams come together to deliver technology excellence and manage the safety, soundness and risk mitigation of those technologies: Cloud Technology Services (CTS) and Technology Controls.Citi's Cloud Technology Services (CTS) team provides the critical technical foundation for Citi’s operations and is responsible for delivering reliable IT solutions, scalable infrastructure services, and secure capabilities while creating a trusted customer experience and enabling Citi’s workforce to be the best for our clients. Making the bank simpler, greener, and better connected while powering it with trusted, well-secured data, and automating policy enforcement through code are all at the heart of our refreshed global strategy. Data Quality, Simplification, Environmental Stability, Automation, and Service Excellence are the key pillars and priorities on our strategic journey.CTS is driving an innovative Cloud First strategy that works to optimize the IT environment, reduce complexity, and implement high degrees of automation to enable more agile application delivery. We aim to give Citi businesses a competitive edge by leveraging cloud scale architectures and enabling new infrastructure economics.The Technology Controls function supports the CTS Public Cloud services team, specializing in technology risk and controls management for Public Cloud Infrastructure and Platform as a Service (IaaS/PaaS) capabilities across providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP), and data platforms, and for Artificial Intelligence solutions offered by Cloud Service Providers.Responsibilities:

Partner with IA and 2nd Line of Defense, and with Policy Owners when more cloud-friendly policy changes need to be influenced

Advise engineers on application of policy and actively consult policies and prioritization of codified controls with engineering teams who have multiple concurrent domains such as compute, containers, DB, middleware, etc.
Ensure processes are designed with control in mind and drive transformational change to reduce adoption friction (process bureaucracy that slows down public cloud adoption) while improving sustainability of risk management processes

Coordinate cross border clearance as needed

Assess the effectiveness of existing controls, identifying areas for improvement, and executing necessary changes and ensure controls are automated and sustainable for cloud scale, and achieve defense in depth

Collaborate with key stakeholders to assess potential risks, develop risk mitigation activities, and define the acceptable level of risk across various areas of operation.
Stay informed about regulatory changes and industry best practices related to control management, ensuring the controls program aligns with these standards.
Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of teams and create accountability with those who fail to maintain these standards

Qualifications:

Relevant work experience in Technology Risk & Controls, or Risk/Security/Compliance organization in a large organization in a heavily regulated industry, with at least 2 years of experience in Public Cloud Risk, Governance, Compliance and/or Control.
Ability to identify, measure, and manage key risks and controls.
Track record leading Control related projects, programs, and/or simplifying processes while ensuring risk is adequately managed
Ability to see the big pictures with high attention to critical details, supporting an ability to develop and implement strategy and process improvement initiatives with strong leadership, decision-making, and problem-solving skills, and strong analytical skills to evaluate complex risk and control activities and processes.
Demonstrated ability to influence change and common-sense approaches to modern risk challenges
Demonstrated ability to develop and implement strategy and process improvement initiatives.
Demonstrable interest in Public Cloud risk identification and mitigation, and familiarity with DevOps and Site Reliability Engineering (SRE) practices
Demonstrated ability to accurately interpret legal and policy documentation and experience working with NIST, COBIT, ITIL, CSA, and/or ISO risk and ITSM frameworks

Preferred Qualifications:

Experience with as First Line of Defense with Second/Third Line of Defense, and regulators, or experience as Second or Third Line of Defense
Risk certifications such as the CISM, CISSP, CISA, CRISC, CGEIT, CDPSE, etc. and certifications in Public Cloud such as AWS Certified Cloud Practitioner, AWS Certified Security Specialty, or cloud agnostic certifications like CCAK, CCSK, CompTIA Cloud+, CET
Experience in an influence management discipline such as project management or product management
Experience with data privacy concerns and outsourcing regulations
Experience in modern microservices architectures and deployments (docker/kubernetes); experience working in a distributed, cloud-based environment using Azure/AWS/GCP; experience with cloud infrastructure and data services (compute, storage, networking and others); experience with Infrastructure as Code (IaC) practices and frameworks; experience working with cloud-based relational and NoSQL databases

Education:

Bachelor's/University degree or equivalent experience

Job Family Group: Controls Governance & OversightJob Family: Assessment & DesignTime Type: Full timeMost Relevant Skills Analytical Thinking, Business Insights, Communication, Constructive Debate, Controls Lifecycle, Issue Management, Process Design, Program Management, Risk Management, Stakeholder Management.Other Relevant Skills For complementary skills, please see above and/or contact the recruiter.Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review .View Citi’s and the poster.

Citigroup

Apply Now