About our Team:

　　The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.

　　Citi has an extensive and robust AI program, with strong global partnerships and business activities in progress. We view Generative AI as a significant opportunity, one we want to move quickly and embrace, but also one we want to embed security principles and engineering excellence into early.

　　The Generative AI Security Assurance Analyst reports into the CISO organization with dedicated functional alignment to Citi’s generative AI enablement group to establish and maintain security assurance for company's adoption of generative AI technology. You will be responsible for analysis of generative AI usage and manage the GRC (governance, risk, and compliance) functions related to generative AI implementation, ensuring compliance with Citi as well as global regulations.

　　Key Responsibilities -

　　Governance, Risk and Compliance (GRC)

　　Develop, implement, and manage a comprehensive security assurance measures for generative AI usage across the company.

　　Provide thought leadership and creativity to mature generative AI security governance embedding into our existing cyber risk appetite framework

　　Stay abreast of relevant global regulations, industry standards, executive memos, analyst views, and technology trends.

　　Provide expertise and guidance on the interpretation and implementation of regulatory requirements to CISO functions.

　　Drive security assurance maturity through relevant CISO governance framework, policy, standard, and metrics development

　　Support business during regulatory examinations, and projects ensuring alignment with regulatory expectation

　　Perform security assessments of technology and security solutions enabling generative AI usage across Citi

　　Develop, and manage security guardrails for generative AI implementations

　　Identify, track, and manage information security issues. Provide remediation/mitigation recommendations and oversee plans to ensure that generative Ai based implementations comply with Citi standards as well as meet regulatory requirements.

　　Support Global Information Security policies, standards, and initiatives development and implementation by representing in different Citi action groups such as Delegated Action Groups (DAG).

　　Partner with CISO GRC in both leading and supporting capacities to manage generative AI assurance function

　　Perform program , and project management functions for CISO generative AI use cases. Ensure successful execution of the various projects under their remit

　　Implement, Monitor, and Challenge KRIs and KPIs to help drive program performance

　　Interface with CISO functions (Architecture, engineering. SecOps, etc.) technology, cyber and operational risk management, Auditors, Regulators, and other stake holders to communicate and manage program/project performance

　　Build internal and external networks to ensure alignment across programs, industry best practices, and to maintain current knowledge regarding AI/ML/Gen AI information security/cyber developments

　　What you will bring

　　Essential Experience

　　Extensive Information Security assurance/GRC experience in is required

　　Proven program/project management experience for is required.

　　Good understanding of information security, AI/Machine Learning/generative AI or data science is required

　　Experience or knowledge of business applications leveraging generative Ai is recommended

　　Demonstrated knowledge of software development processes (SDLC / Agile / Iterative / DevOps)

　　A demonstrated knowledge of information security standards, rules and regulations related to information security and data confidentiality and other various security standards and policies.

　　Experience interfacing with regulators and internal audit is required

　　Ability to keep up to date with technology and security.

　　Leadership

　　Good leadership, strategic thinking, and large-scale planning abilities.

　　Able make informed decision and appropriate adjustments.

　　Good interpersonal and communication skills with the ability to influence at all levels of the organization, while being able to simplify complex IS topics

　　Ability to operate effectively across a highly matrixed, global business environment.

　　Ability to apply a broad and comprehensive understanding across multiple functional areas.

　　Strong work ethic, and an excellent use of discretion and judgment.

　　Ability to organize, prioritize, and lead multiple deliverables simultaneously across a large, global corporate environment.

　　Excellent problems solving abilities and analytical skills

　　Bonus points for

　　Demonstrated experience with cyber engineering and operations, which could include DevSecOps and MLSecOps is a plusEducation:

　　Bachelor’s / Masters degree/University degree or equivalent experience performing a similar role.What we’ll provide you

　　By joining Citi London, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as:

　　27 days annual leave (plus bank holidays)

　　A discretional annual performance related bonus

　　Private Medical Care & Life Insurance

　　Employee Assistance Program

　　Pension Plan

　　Paid Parental Leave

　　Special discounts for employees, family, and friends

　　Access to an array of learning and development resources

　　Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive.

　　#LI-AS1

　　Technology

　　Information Security

　　Full time

　　Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

　　Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .

　　View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

　　View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo_aa_policy.pdf) .

　　View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

　　Citi is an equal opportunity and affirmative action employer.

　　Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.