上海招聘

Description:

The IT Risk & Control Manager is responsible for executing risk and control activities such as the Global IT Security compliance programmes and legal/ regulatory programmes. Identifies and evaluates potential areas of non-compliance or risk taking into consideration impact, probability and defined risk appetite and advise management on adequate risk mitigation measures (e.g., project managers).

Where appropriate, IT Risk & Control Manager will assist and facilitate the set up remediation programmes, monitor and assess the quality of execution. IT Risk & Control Analysts also liaise with the regional team, Group Audit and other central functions as part of the normal execution of work activities.

Tasks / Responsibilities:

· IT Security and Risk Management

1. Execute risk and control programmes in line with the defined risk appetite and approach

2. Identifies environment (operational or application) modifications that should be made in order to improve security

3. Facilitate and advise the line organisation (i.e. managers) on the execution of risk programmes and outcomes

4. Perform and track completion of quality assurance assessments in preparation for upcoming audits and/or execution of legal/ regulatory or Group programmes, e.g., CBRC and PBOC

5. Perform independent reviews to identify, highlight and document risk issues. Follow-up on action items through closure of issues, e.g., self-assessments, independent risk assessment reviews (dbRACE)

6. New product approval process, advise projects and requestors on options and process.

7. Proactively manage internal and external audit processes. Verify factual correctness of issues, advise and assess individual management action plans for quality, prior to submission.

8. Contribute and provide feedback to IT risk and control-related policies/standards as a subject matter expert. Track progress of completion of these initiatives.

9. Select and develop most appropriate risk management strategy to minimize business disruption and address business needs

10. Identify and communicate trends regarding risk and risk management

11. Manages and tracks vendor issues to resolution as part of vendor certification program

· Regulatory

1. Engage GT regional leadership consistent with established processes

2. Receive requests and respond to triggers, prioritize in-region

3. Champion globally consistent approach in-region

4. Analysis and review of regulatory materials

5. Prepare regional heat maps

6. In-region SME and function representative

7. Perform research for regulatory actions

8. Log regulatory actions

9. Develop and maintain linkage between internal and external activities (Leverage internal audit management ledgers)

10. Evaluate GT initiatives for applicability to regulatory compliance

11. Perform regulatory response preparation (includes quality checks)

12. To keep abreast of new and modified regulations

13. Perform independent reviews to identify, highlight and document risk issues on IT regulatory guidelines and requirements.

14. Manages, prepares and tracks all IT regulatory reports, survey, queries and compliance requirements

Skills / Qualifications

The candidate should have at minimum 5 years combined experience in Financial Services, IT Application Development or Infrastructure Support, Information Security, Computer Audit, Compliance and/or Risk Management Technology.

· Good relationship, communication, and negotiation skills

· Good project management skills and ability to deliver timely results

· Comfortable interacting with management and discussing critical issues

· Proven initiative; self starter; highly motivated; can work independently

· Broad knowledge of Information Security and the management of IT risks

· Working knowledge of application and infrastructure technology

· CISSP/CISA or similar is preferred but not mandatory

· Literate in both English and Chinese (spoken and written)

About Citi China

Citi first established an office in China in May 1902, in Shanghai. Today Citi is offering a broad product range in China. On 2nd April, 2007, Citibank (China) Co., Ltd. was officially launched as one of the first foreign banks locally incorporated in China. On 23rd April, 2007, Citibank (China) Co., Ltd. became one of the first foreign banks to offer RMB services to Chinese residents.

Citi currently has branches and sub-branches in Beijing, Shanghai, Guangzhou, Shenzhen, Tianjin, Chengdu, Chongqing, Hangzhou, Nanjing, Guiyang, Wuxi, Changsha and Dalian, operating and offering corporate banking business as well as consumer banking business.

关于花旗中国

花旗在中国的历史可追溯至一九零二年五月。如今，花旗在中国为客户提供广泛的金融产品和服务。2007年4月2日，作为首批成功转制本地法人银行的外资银行，花旗银行（中国）有限公司正式成立。2007年4月23日，花旗银行（中国）有限公司成为首批正式对中国境内公民开展人民币业务的外资银行之一。

目前，花旗银行（中国）分别在北京、上海、广州、深圳、天津、成都、重庆、杭州、南京、贵阳、无锡、长沙和大连设有分支行,开展企业银行业务和零售银行业务。

严正声明:
花旗银行（中国）有限公司（包括其任何分支机构，以下简称“花旗银行”）在招聘过程中不会向任何应聘者收取报名费、中介费或手续费等任何费用，亦从未授权任何代理机构或个人代表花旗银行收取该等费用；
应聘者如遇到冒用花旗银行发布的招聘信息，或对招聘信息有任何疑问，请通过查询花旗银行英文招聘网站**********************/careersection/2/jobsearch.ftl?lang=en
或中文招聘网站**********************/careersection/2/jobsearch.ftl?lang=zh-CN 进行核对确认；
花旗银行在此提醒各求职者在查阅招聘信息时注意辨别真伪，谨防上当受骗；对于非花旗银行发布招聘信息所导致的任何后果，花旗银行将不予承担任何责任；
对于未经花旗银行正式授权而以花旗银行的名义发布虚假招聘信息的任何机构及个人，花旗银行将保留追究其法律责任的权利。