Business Information Security Officer300k以上

学历:本科 | 工作年限:八年以上 | 年龄:年龄不限
最后刷新:2020/04/02 12:00:00

微信扫一扫:分享

微信里点“发现”,扫一下

立即沟通 申请职位
  • 快速申请
  • 登录申请
Business Information Security Officer 职位描述
JOB DESCRIPTION
 Integrates Country BISO priorities into day-to-day business.
 Communicates with the country BISO and business managers; escalates as appropriate.
 Provides general IS consulting services including interpretation and/or clarification.
 Supports the business by reviewing Third Party contract language as it relates to IS.
 Exercises oversight to the IS program within the business, including programs, policies, and related reporting.
 Helps security incident response teams resolve and close the investigation of incidents with proactive suggestions.
 Assists in the definition and implementation of IS standards at the business level to ensure that procedures and practices comply with Citi standards.
 Participates in the IS community on committees and cross-business / functional opportunities.
 Enforces compliance; demonstrates extensive understanding of IS standards and best practices across multiple disciplines.
 Reviews status of business IS program and oversees corrective action when necessary.
 Develops corrective action language for all IS-related gaps and approves all closures by reviewing evidence to ensure the closure meets Citi requirements or industry best practices.
 Collaborates to create Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) in the appropriate tools (iCAPs, CIRAS, etc.).
 Ensures that approvals and reviews are executed when needed.
 Performs IS awareness and training activities, including IS education of new employees. Ensures IS awareness materials are distributed per CISS requirements. Monitors / tracks IS training per CISS requirements.
 Assists with Third Party IS Assessment (TPISA) follow-up.
 Ensures IS Risk Assessment is performed according to Citi standards by partnering with the businesses throughout the ISRA process and determines the impact of control deficiencies.
 Ensures Information Owners periodically review CSI IS-related information and it is accurate.
 Engages a TISO, SME or another senior ISO where additional technical knowledge is required.
 Educates and advises the business on safe IS practices and current, changing, and/or recommended IS requirements.
 Provides periodic IS risk management reports highlighting key issues and corrective action plans.
 Coordinates IS activities with business plans.
 Articulates the value of IS controls and its bottom line impact.
 Seeks opportunities to enhance the efficiency of policies and procedures.
 Partners with business coordinators in other disciplines; e.g., MCA, CoB, Records Management, Fraud Management, etc.
 Reviews IS action plans with management and monitors implementation of approved plans.
 Leverages the ISO network to pool resources, seek out best practices, and create efficiencies.
 Monitors vulnerability assessments and ethical hacks, ensuring that issues are addressed for all applications that are not managed by Citi technology groups. For example, vendor-managed / hosted.
 Manages risk by analyzing the root cause of issues, impact to business, and required corrective actions by leveraging analytical skills.
 Guides the business to ensure that IS risks, controls, and tests are embedded in the IS component of MCA.

REQUIREMENTS
 Bachelor's degree in Computer Engineering, Computer Science, or related discipline
 Minimum 3 years of working experience in IS and at least 2 IS programs including, but not limited to, Audit Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment. Knowledge of key government regulations and local laws
 Solid business experience, preferably in risk management activities
 Well understand the IS risks that are inherent to a business
 Strong communication skill both for oral and writing in Chinese and English
 Responsible and Reliable
 Minimum one held or working toward (CISSP, CISM, CISA)
智能匹配
  • Hi,我是51金融圈AI算法机器人小5 ~ 经过4年的培训与学习,我已经成功学会了筛选简历,同时也能计算简历与职位的匹配度,要不要试试看呢 ~

    立即测试匹配度
51金融圈为求职招聘者提供花旗银行集团Business Information Security Officer职位,薪资:300k以上,地点:上海市,更有Business Information Security Officer的职位描述、相似职位等等介绍信息。
花旗银行集团 公司介绍
花旗银行(Citibank)是花旗集团属下的一家零售银行,其主要前身是1812年6月16日成立的纽约城市银行(City Bank of New York),经过近两个世纪的发展、并购在21世纪初期一度成为全世界最大的银行控股公司。花旗在全球近一百五十个国家及地区设有分支机构,总部位于美国纽约市公园大道399号。它是当今世界资产规模最大、利润最多、全球连锁性最高、业务门类最齐全的金融服务集团之一。它是由花旗公司与旅行者集团于1998年合并而成,并于同期换牌上市的。换牌上市后,花旗集团运用增发新股集资于股市收购、或定向股权置换等方式进行大规模股权运作与扩张,并对收购的企业进行花旗式战略输出和全球化业务整合,使花旗集团在短短五年时间里,总资产规模扩大了71%,股东权益增加92%,资本实力不断提高;总收入提高72%,利润增长 2.6倍,表现出不凡的盈利能力;其股票在进行一次送股(每3股送1股)和 22次分红派息(每股分红共计$3.82)的情况下,每股净值仍提高了一倍,价格翻了一番。花旗股票是纽约股市著名的绩优蓝筹股。


花旗集团在全球一百多个国家约为二亿客户提供服务,包括个人、机构、企业和政府部门。提供广泛的金融产品服务从消费银行服务及信贷、企业、投资银行服务、以及经纪、保险和资产管理等,非任何其它金融机构可以比拟。现汇集在花旗集团下的主要有花旗银行、旅行者人寿、养老保险、美邦、Citi-financial、Banamex和Primerica。
查看全部
花旗银行集团 工作地点
上海市浦东新区花园石桥路33号花旗大厦
公司基本信息
花旗银行集团

花旗银行集团

公司性质:外资(欧美)

所属行业:银行

公司规模:10000人以上

公司网址: http://www.citibank.com.cn/homepage/cn/cn_homepage.htm

公司其他职位
职位发布者
花旗银行集团