Director, Business Technology Risk and Control

The Business Risk and Control Sr Group Manager manages multiple teams through other managers. In-depth understanding of how own sub-function contributes to achieving the objectives of the function. A good understanding of the industry, direct competitors' products and services, is also necessary in order to contribute to the commercial objectives of the business. Requires thorough understanding of strategic direction of the function within the relevant part of the business, combined with a solid conceptual/practical grounding in both the function and/or area of expertise and related subject areas. Excellent communication skills required in order to negotiate internally, often at a senior level. Some external communication/negotiation may be necessary. Responsible for executing functional strategy in area managed. Determines approach to implementing functional strategy. Accountable for end results, budgeting, planning, policy formulation and contribution to future strategy of the area(s). Impact reflects size of team managed, strategic influence on the business and interaction with other functions or businesses. Full management responsibility for multiple teams, including management of people, budget and planning, to include duties such as performance evaluation, compensation, hiring, disciplinary actions and terminations and budget approval. May be doing involved or responsible for diverse (cross-discipline) activities.

The Country Technology Controls Head manages a defined set of Technology-wide Risk and Control functions and processes as the first line-of-defense function related to Technology Controls. These include Core Risk Management Processes, Technology Regulatory Reporting and Regulatory Change Management, including interfacing with the local Regulatory Authorities, Records Management.

Responsibilities:

• Lead the Enterprise-wide Risk and Control Functions comprising Core Risk Management Processes, Technology Regulatory Reporting and Regulatory Change Management, Risk Identification and Escalations.
• Engage directly with the regulators on regulatory themes that come under the responsibility of the Technology domain in the country.
• Establish a robust, conducive framework that enables effective risk and control management of all the functions and areas under Technology Controls model.
• Perform risk analysis and management and provide objective views on Technology risks, controls, and trends to the Technology Cluster Head.
• Work with the Technology function owners on risk and control matters and provide advice and guidance, support country audits, coordination of regulatory guidelines analysis / regulatory-ad hoc requests / Technology updates in forums such as Business Risk & Control Committee / Local Regulatory Reporting Governance Committee and other governance forums.
• The Country Technology Controls Head stays abreast of risks, issues, and emerging risks; to escalate and socialize to the Technology Cluster Head; to perform analysis and trending within the scope of Country Controls function.
• Provide robust R&C support to Cluster Heads by ensuring strong engagement with local Regulatory authorities.
• Help facilitate the engagement between Local and Global teams.
• Review and provide governance over the quality, completeness, and accuracy of the implementation of the Control Framework, including Risk Control Policy, Control Standard, Issue Management Policy, Lesson Learned Policy and Control Inventory.
• Manage and report on the identification of issue root cause, partnering with control and process owners to recommendations holistic corrective actions and improvements, provide check and challenge to ensure appropriate escalation in according with Issue Management and Escalation Policies.
• Review and challenge within the FLUs the effective design and management of controls to mitigate risks as required by the Control Standards, including implementation and operation, conducting the control monitoring, handling deficiencies, and escalating issues for resolution. 
• Manage implementation within teams to identify, assess, escalate, and manage risk exposures across Risk Categories (Operational Compliance, Strategic, Reputational, etc), including material, emerging and concentration risks in accordance with enterprise Policies and the establishment of Key Indicators to monitor risk exposures.
• Determine approaches to ensure adequate governance and training are in place to support management of Risk profiles.
• Apply knowledge of the business, products or services to identify and implement control points and processes throughout the business.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

• 15+ years of experience, including 8-10+ years' managerial experience
• Experience managing teams with broad accountability in a complex environment. Ability to work effectively in a cross-functional organization Ability to balance strategic priorities with tactical actions Proven track record and accountability in making quick decision that have an immediate impact on business financials.
• Excellent communication skills required in order to negotiate internally, often at a senior level. Some external communication/negotiation may be necessary.
• Solid experience in Risk Management, Program/Project Management and/or Control and Compliance especially in a banking environment. This includes having direct interface with the regulators.
• Good understanding of overall Risk Management Process, Information Security, Technology Risk, Records Management, broader understanding of businesses Technology supports in the country.
• Ability to assert and influence and clearly articulate risks and issues.
• Ability to lead and drive controls across the products and functions irrespective of reporting lines.
• Ability to manage through influence (e.g., management in the absence of reporting lines or with matrix reporting).
• Ability to build rapport and work closely with key country and regional stakeholders and partners within and outside the country O&T function.
• Up-to-date understanding of key risk and control concepts and processes, tools and trends relating to risk identification, rating and prioritization, mitigation, and reporting.
• Excellent prioritization and time management skills.

Education:

• Bachelor's/University degree, Master's degree preferred.

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting