Cyber and Information Security Risk Manager, Senior Vice President

Are you looking for a career move that will put you at the heart of a global financial institution? Then bring your skills in risk identification, project management and communication to Citi’s Business Disruption Risk Team. By joining Citi, you will become part of a global organisation whose mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress.

Team/Role Overview

This role is critical for safeguarding the bank's financial stability and sustained growth by expertly managing Cyber & Information Security risks. The position involves identifying, assessing, measuring, monitoring, and reporting on these risks, ensuring all operations align with the Markets defined risk appetite. This professional provides a comprehensive view of the cyber threat landscape, enabling proactive anticipation, assessment, and mitigation of potential security risks across the Markets Business.

What you’ll do

• Proactively identify and assess evolving Cyber & Information Security risks across the business and technology landscape.
• Design and lead strategic initiatives to enhance cyber and information security controls and processes, ensuring alignment with risk appetite.
• Collaborate effectively with business unit leaders and diverse stakeholders to embed robust cyber risk management practices into business operations.
• Partner with 2nd line functions (e.g., Information Security Compliance, Operational Risk Management) to interpret and apply cyber risk requirements and policies accurately.
• Engage with 3rd line functions (e.g., Internal Audit, Compliance Assurance) to facilitate independent assessments, address findings, and drive resolution of cyber and information security issues.
• Maintain comprehensive oversight of cyber risk posture through continuous monitoring of metrics, activity, and corrective action plan execution.
• Prepare and present clear, concise updates on emerging cyber risks, control effectiveness, and strategic enhancements to senior management and governance committees.
• Ensure rigorous adherence to information security policies and regulatory requirements, including maintaining a robust Manager’s Control Assessment (MCA) for Cyber & Information Security.
• Serve as a primary liaison for all internal and external audit engagements related to Cyber & Information Security.
• Lead and mentor a team focused on cyber risk assessment, regulatory compliance, and efficient reporting and resolution of security‑related matters.

What we’ll need from you

• Significant progressive experience in Cyber & Information Security Risk Management, IT Risk, Security Compliance, or IT Audit, with significant experience in a financial services environment.
• Demonstrated expertise in identifying, assessing, measuring, monitoring, and reporting on complex cyber and information security risks.
• Proven track record of designing and leading initiatives to enhance security controls and processes.
• Extensive experience collaborating with and managing expectations of diverse stakeholders, including business unit leaders, technical teams, and 2nd and 3rd line functions (e.g., Information Security Compliance, Operational Risk, Internal Audit, Regulators).
• Strong understanding of evolving cyber threat landscapes, regulatory requirements (e.g., NIST, ISO 27001, GLBA), and industry best practices.
• Proficient in maintaining risk and control frameworks, including Manager’s Control Assessment (MCA), specifically for Cyber & Information Security risks.
• Exceptional communication and presentation skills, with the ability to articulate complex cyber risk concepts and their business impact to senior management and governance committees.
• Ability to act as a primary liaison for all audit and regulatory engagements pertaining to Cyber & Information Security.
• Strong leadership capabilities with experience in leading and mentoring risk management professionals.
• Bachelor’s degree required; Master’s degree or relevant professional certifications (e.g., CISSP, CISM, CRISC) preferred.

What we can offer you

We work hard to have a positive financial and social impact on the communities we serve. In turn, we put our employees first and provide the best-in-class benefits they need to be well, live well and save well. By joining Citi London, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as:

• Generous holiday allowance starting at 27 days plus bank holidays; increasing with tenure.
• A discretionary annual performance related bonus.
• Private medical insurance packages to suit your personal circumstances.
• Employee Assistance Program.
• Pension Plan.
• Paid Parental Leave.
• Special discounts for employees, family, and friends.
• Access to an array of learning and development resources.

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.

Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.