assistant vice president info Security Officer for philippines (cbna - o&t)Citigroup
Workplace: MetroManila, Manila, Taguig
Salary: Agreement
Work form: Full time
Posting Date: 07/01/2026
Deadline: 21/11/2022
The Information Security Officer (ISO) is responsible for supporting and providing guidance on the implementation and execution of the IS Program as aligned with Citi Information Security Standards for the Citibank N.A. Philippines franchise. This role works closely with Business, Operations & Technology teams, Citi Technology Infrastructure and the overall ISO community to oversee and monitor adherence with Citi IS Policy and Standards, manage risk and provide Business advise on Information Security, Insider Threat, Cross Border Data Flows/Governance and Third Party Risk.
Reports to the Country Senior Information Security Officer
Key Responsibilities
Support businesses and functions in maintaining the confidentiality, integrity, and availability of Citi's information resources and assets.
Partner with business and technology stakeholders to ensure Citi's people, processes, and technologies comply with Citi's IS policies and standards.
Assist the businesses and functions with assigning the Citi Information Classification and Data Privacy Indicator to resources in Citi System Inventory (CSI).
Facilitate the timely completion of required Information Security Risk Assessments.
Oversee the establishment and approval of Information Security Corrective Action Plans (CAPs) and /or Risk Exceptions (REs) prepared by issue owners.
Serve as a contact for Citi workers to report suspected or actual breach of confidentiality, integrity, or availability of Citi Information. ISOs document and report Information Security Incidents (SIRT) to Citi's Security Incident Management (SIM) Team.
Report key IS risks to business stakeholders, and ensure they are accountable for IS controls, risk mitigation, and remediation activities.
Manage IS risk by analyzing the root cause of issues, their impact to technology, and the required corrective actions.
Key Activities
Advise the business of the appropriate controls for safeguarding sensitive information based on Citi's IS classification standards and the IS risks inherent and/or affecting the information assets
Drive constructive procedural changes to ensure effective risk-based implementation of IS requirements.
Work with the business to manage IS risk by analyzing the root cause of threats, likelihood and impact of issues, and then support the business in implementing the required controls.
Document security incidents (SIRTs) and assist security incident response investigators as instructed.
Oversee completion of entitlement reviews and support the EERS Review QA process.
Ensure remediation of identified non-compliant issues are documented and/or addressed.
Review Corrective Action Plans (CAPs) documented by CAP and issue owners for all IS-related gaps and ensure adequate mitigation prior to submitting issues for closure.
Generate and present business specific IS metrics and reports.
Qualifications:
Solid risk management skills including management of third party, data protection and Information Security knowledge
Knowledge of key government regulations and local laws
Excellent consulting and problem solving skills
Able to convey ideas, advice and resolution options to enable business to senior management and staff
IT technical knowledge with a business acumen to be able to engage both business and technology teams.
Able to work with senior business management to implement IS strategy.
Industry certifications: either one of CISA/CISSP/CISM preferred; the successful candidate will be expected to obtain an IS industry certification if not already held
Degree: at least a Bachelors' degree in either Computer Science/Engineering/Business/Finance; Masters' degree a plus
At least 5 years of professional information security and / or technology risk management experience
Other Requirements
Excellent consulting and problem-solving/analytical skills.
Advanced presentation skills and program management
Good business communication skills
Team-player, proactive, assertive, service-oriented and has good people-skills.
Proven ability to manage multiple tasks and priorities.
Ability to manage tight time frames and communicate effectively with peers and management.
Flexibility to adapt to changing demands and priorities.
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Job Family Group: Technology
Job Family: Information Security
Time Type: Full time
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review .
View the " " poster. View the .
View the .
View the
Citigroup
Reports to the Country Senior Information Security Officer
Key Responsibilities
Support businesses and functions in maintaining the confidentiality, integrity, and availability of Citi's information resources and assets.
Partner with business and technology stakeholders to ensure Citi's people, processes, and technologies comply with Citi's IS policies and standards.
Assist the businesses and functions with assigning the Citi Information Classification and Data Privacy Indicator to resources in Citi System Inventory (CSI).
Facilitate the timely completion of required Information Security Risk Assessments.
Oversee the establishment and approval of Information Security Corrective Action Plans (CAPs) and /or Risk Exceptions (REs) prepared by issue owners.
Serve as a contact for Citi workers to report suspected or actual breach of confidentiality, integrity, or availability of Citi Information. ISOs document and report Information Security Incidents (SIRT) to Citi's Security Incident Management (SIM) Team.
Report key IS risks to business stakeholders, and ensure they are accountable for IS controls, risk mitigation, and remediation activities.
Manage IS risk by analyzing the root cause of issues, their impact to technology, and the required corrective actions.
Key Activities
Advise the business of the appropriate controls for safeguarding sensitive information based on Citi's IS classification standards and the IS risks inherent and/or affecting the information assets
Drive constructive procedural changes to ensure effective risk-based implementation of IS requirements.
Work with the business to manage IS risk by analyzing the root cause of threats, likelihood and impact of issues, and then support the business in implementing the required controls.
Document security incidents (SIRTs) and assist security incident response investigators as instructed.
Oversee completion of entitlement reviews and support the EERS Review QA process.
Ensure remediation of identified non-compliant issues are documented and/or addressed.
Review Corrective Action Plans (CAPs) documented by CAP and issue owners for all IS-related gaps and ensure adequate mitigation prior to submitting issues for closure.
Generate and present business specific IS metrics and reports.
Qualifications:
Solid risk management skills including management of third party, data protection and Information Security knowledge
Knowledge of key government regulations and local laws
Excellent consulting and problem solving skills
Able to convey ideas, advice and resolution options to enable business to senior management and staff
IT technical knowledge with a business acumen to be able to engage both business and technology teams.
Able to work with senior business management to implement IS strategy.
Industry certifications: either one of CISA/CISSP/CISM preferred; the successful candidate will be expected to obtain an IS industry certification if not already held
Degree: at least a Bachelors' degree in either Computer Science/Engineering/Business/Finance; Masters' degree a plus
At least 5 years of professional information security and / or technology risk management experience
Other Requirements
Excellent consulting and problem-solving/analytical skills.
Advanced presentation skills and program management
Good business communication skills
Team-player, proactive, assertive, service-oriented and has good people-skills.
Proven ability to manage multiple tasks and priorities.
Ability to manage tight time frames and communicate effectively with peers and management.
Flexibility to adapt to changing demands and priorities.
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Job Family Group: Technology
Job Family: Information Security
Time Type: Full time
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review .
View the " " poster. View the .
View the .
View the
Citigroup
Other Info
Taguig City, Metro Manila
Permanent
Full-time
Permanent
Full-time
Submit profile
Citigroup
About the company
Citigroup jobs
Taguig, Metro Manila
Spanish-Speaking Personal Injury Legal Assistant / Case Manager (Work from Home)
TSG Outsourcing
MetroManila, ManilaAgreement
Freelance Digital Marketing Officer (Full Time | Permanent WFH)
Allied Fusion Services, Inc.
Cebu, Cebu₱30,000 - 35,000 per month
Junior E-Commerce Specialist (Virtual Assistant / Freelancer)
Philippines Light Leather, Inc.
Cebu, CebuAgreement
Position assistant vice president info Security Officer for philippines (cbna - o&t) recruited by the company Citigroup at MetroManila, Manila, Taguig, Joboko automatically collects the salary of , finds more jobs on Assistant Vice President Info Security Officer for Philippines (CBNA - O&T) or Citigroup company in the links above