Job Description

Citi Internal Audit is a dynamic global function of over 2,500 professionals located across more than 60 countries, covering Citi\'s global businesses and service to clients and customers through its network in 98 countries. Through a culture of continuous improvement, Citi IA is focused on maintaining its position as a best-in-class IA function and is committed to investing in people, learning and development, innovation, and methodology programs. The Internal Audit mission is to provide independent, objective, reliable, valued and timely assurance to the Board, senior management and regulators of Citigroup and Citibank (and its subsidiaries), over the effectiveness of culture, ethical conduct, governance, risk management, and controls that mitigate current and evolving risks and to enhance the control environment. Citi operates in over 100 countries and provides consumers, corporations, governments, and institutions with a broad range of financial services and products. Citi strives to create the best outcomes for clients and customers with financial ingenuity that leads to solutions that are simple, creative, and responsive. The Chief Auditor for Markets, Services, Wealth & US Personal Banking Technology will lead and develop a team of approximately sixty staff globally and will report to the Chief Auditor for Operations & Technology. The incumbent will be responsible for building and managing relationships with senior Operations & Technology management, including the co-Chief Information Security Officers, and the Heads of Markets technology, Services Technology, Wealth Technology and US Personal Banking Technology. In addition, the role will work closely with product and functional Internal Audit (IA) management to ensure the creation and delivery of an end-to-end technology plan for the four businesses that provides high quality assurance over the key risks for technology processes globally. Specifically, this will include a material book of work for integrated audit work, where technology supports business-led audits or visa-versa. Critical thinking and executive presentation skills will be important requirements of the role, as themes related to risks and issues across the organization will be identified and presented to key stakeholders, such as senior management, the Audit Committee, regulators, and external audit functions. The incumbent requires a wide ranging, yet detailed knowledge of technology processes, as well as a strong understanding of the fundamental risks associated with a large investment and consumer bank. The role will entail considerable co-ordination and development of resources to meet the plan and will therefore also require strong people management and communication skills. As a member of the broader senior leadership of Internal Audit (IA), the incumbent is also responsible for contributing to the overall management and development of Citi\xe2\x80\x99s audit approach, to position Citi IA as the leading IA function in the financial services industry. Key Responsibilities:

• Technology Audit Plan: Design and implement an audit plan for the function that considers emerging and established technology risk; industry best practices and external frameworks (e.g., NIST, COBIT, SANS Top 20); regional and country-level technology regulatory requirements; and an end-to-end view of technology processes that cross business functions, geographies, and platforms.

• Internal Stakeholder Management: Develop and maintain strong working relationships with teams both within Operations & Technology Audit, as well as across IA Product and Functions teams globally. Leverage the feedback achieved from this to continually improve the definition and risk assessment of the audit universe as well as identify new and optimized ways of auditing the environment to maximize the insight achieved. Proactively interact with the associated first and second line of defense teams across Technology to provide credible challenge and positively influence Citi culture, ethical conduct, governance, risk management and control frameworks.

• Regulatory Relationship Management: As part of the broader Operations & Technology IA Leadership Team, contribute to managing IA\xe2\x80\x99s regulatory relationships resulting in constructive two-way dialogue, trust in the IA function and general reliance being placed on IA\xe2\x80\x99s work related to Citi Technology. Oversee the validation of regulatory issues while meeting timelines and regulatory intent.

• IA team: Attract, motivate and develop a highly effective, diverse, talented and trusted team. Work with other IA Chief Auditors to maximize the efficiency and effectiveness of IA resources, taking into consideration the experience and location of the team, as well as leveraging different audit approaches and best practice. Identify and develop talent, providing long-term career opportunities both within IA and across other parts of Citi.

Experience & Qualifications:

• Demonstrable technical technology experience, including that related to the design and operation of risk and controls frameworks associated with this, that preferably includes internal audit experience.
• Demonstrable product knowledge of Markets, Payments Infrastructures, Wealth Management and Consumer Banking areas, including the provision of technology services within these areas, and a broad experience of the management of regulatory requirements and associated regulatory interaction.
• Executive presence and expert in building and maintaining strong open relationships with executive stakeholders, working as a partner, exerting influence, and providing credible challenge in a constructive manner.
• Advanced understanding of culture, ethical conduct, governance, risk management and control frameworks in leading international organizations.
• Ability to quickly comprehend the full risk implications of complex global issues, escalate to the appropriate level and provide advice and on pragmatic commercial solutions.
• Thought leader in current and emerging technology and systems development best practices. Experienced in providing constructive, real-time risk and control feedback on large-scale technology implementations and ongoing operations (e.g. Private & Public Cloud infrastructures, Distributed Ledger technology, AI/ML technology, application and infrastructure architectures and technology governance)
• Outstanding performer, open minded, resilient, agile, energetic, self-starter, articulate and empathetic whilst being confident to deliver opinions to bring about positive outcomes.
• Strong leadership skills including a track record of identifying and developing world class talent. Experienced in leading large, dispersed professional teams.
• Educated to degree level or holder of a relevant professional qualification (e.g. CISA, CISSP, CCSP or other relevant technology certification).

Education:

• Bachelor\xe2\x80\x99s degree/University degree or equivalent experience
• Master\xe2\x80\x99s degree preferred.

Candidates applying for this role must be aware that it is a Certified Role, subject to the FCA and PRA Certification Regime. The Certification Regime is one element of the Individual Accountability Regime which came into effect on 7 March 2016. Under the Certification Regime, Citi UK regulated entities (Citi entities) must ensure that employees working in certain roles categorised as specified significant harm functions (Certified Roles) are assessed as fit and proper to carry out their role. Under the guidance provided by the FCA and PRA, firms should have regard to the following when assessing fitness and propriety:

• Honesty, integrity and reputation
• Financial soundness
• Competence and capability

In order to comply with the requirements of the Certification Regime, Citi entities must take reasonable care to ensure that an employee does not perform a Certified Role without first being certified as Fit and Proper. For this reason, you will be assessed for this role against the Fit and Proper requirements, as described above. This assessment will be carried out through extensive interviews, self-disclosures, permitted criminal record checks, regulated reference checks, credit checks and other background screening checks. - Job Family Group: Internal Audit - Job Family: Audit - Time Type: Full time - Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Citigroup Inc. and its subsidiaries ("Citi\xe2\x80\x9d) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi. View the "EEO is the Law" poster. View the EEO is the Law Supplement. View the EEO Policy Statement. View the Pay Transparency Posting