Skip to main content



The health and safety of our colleagues and candidates for employment are our highest priority. Accordingly, Citi continues to monitor the COVID-19 situation closely. We have implemented precautionary measures across our firm globally, including conducting all candidate interviews virtually on a temporary basis until further notice where needed.

APAC CSC Cluster Information Security Officer

Job Req ID 22457097 Primary Location Mumbai, India Job Category Operations - Core
Apply Now

The CSC Information Security Officer oversees the execution of information security requirements, serves as an information security subject-matter expert for the  APAC Citi Service Centers (CSC) and act as a Deputy to the APAC CSC IS Cluster Lead. This role will support the CSCs and work closely with Business, Operations & Technology teams, Citi Technology Infrastructure and the overall ISO community to oversee and monitor adherence with Citi IS Policy and Standards, manage risk and provide Business advise on Information Security, Insider Threat, Cross Border Data Flows/Governance and Third Party Risk.

Reports to the APAC CSC IS Cluster Lead                                                               

Key Responsibilities

  • Support businesses and functions in maintaining the confidentiality, integrity, and availability of Citi’s information resources and assets.
  • Partner with business and technology stakeholders to ensure Citi’s people, processes, and technologies comply with Citi’s IS policies and standards.
  • Assist the businesses and functions with assigning the Citi Information Classification and Data Privacy Indicator to resources in Citi System Inventory (CSI).
  • Facilitate the timely completion of required Information Security Risk Assessments.
  • Oversee the establishment and approval of Information Security Corrective Action Plans (CAPs) and /or Risk Exceptions (REs) prepared by issue owners.
  • Serve as a contact for Citi workers to report suspected or actual breach of confidentiality, integrity, or availability of Citi Information. ISOs document and report Information Security Incidents (SIRT) to Citi's Security Incident Management (SIM) Team.
  • Report key IS risks to business stakeholders, and ensure they are accountable for IS controls, risk mitigation, and remediation activities.
  • Manage IS risk by analyzing the root cause of issues, their impact to technology, and the required corrective actions.

Key Activities

  • Advise the business of the appropriate controls for safeguarding sensitive information based on Citi’s IS classification standards and the IS risks inherent and/or affecting the information assets
  • Drive constructive procedural changes to ensure effective risk-based implementation of IS requirements.
  • Work with the business to manage IS risk by analyzing the root cause of threats, likelihood and impact of issues, and then support the business in implementing the required controls.
  • Document security incidents (SIRTs) and assist security incident response investigators as instructed.
  • Oversee completion of entitlement reviews and support the EERS Review QA process.
  • Ensure remediation of identified non-compliant issues are documented and/or addressed.
  • Review Corrective Action Plans (CAPs) documented by CAP and issue owners for all IS-related gaps and ensure adequate mitigation prior to submitting issues for closure.
  • Generate and present business specific IS metrics and reports.


  • Solid risk management skills including management of third party, data protection and Information Security knowledge
  • Knowledge of key government regulations and local laws
  • Excellent consulting and problem solving skills
  • Able to convey ideas, advice and resolution options to enable business to senior management and staff
  • IT technical knowledge with a business acumen to be able to engage both business and technology teams.
  • Able to work with senior business management to implement IS strategy.
  • Industry certifications: either one of CISA/CISSP/CISM preferred; the successful candidate will be expected to obtain an IS industry certification if not already held
  • Degree: at least a Bachelors’ degree in either Computer Science/Engineering/Business/Finance; Masters’ degree a plus
  • At least 6 years of professional information security and / or technology risk management experience

Other Requirements

  • Excellent consulting and problem-solving/analytical skills.
  • Advanced presentation skills and program management
  • Good business communication skills
  • Team-player, proactive, assertive, service-oriented and has good people-skills.
  • Proven ability to manage multiple tasks and priorities.
  • Ability to manage tight time frames and communicate effectively with peers and management.
  • Flexibility to adapt to changing demands and priorities.

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.


Job Family Group:

Operations - Core


Job Family:

Operations Support


Time Type:

Full time


Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

Apply Now
  • Join our team
    of 220,000+
    strong diverse employees

  • Socially minded employees volunteering in communities across 90 countries

  • Meaningful career opportunities thanks to a physical presence in over 95 markets

We foster a culture that embraces all individuals and encourages diverse perspectives, where you can make an impact and grow your career. At Citi, we value colleagues that demonstrate high professional standards, a strong sense of integrity and generosity, intellectual curiosity, and rigor. We recognize the importance of owning your career, with the commitment that if you do, we promise to meet you more than half way.

Saved Jobs

You have no saved jobs

Previously Viewed Jobs

You have no viewed jobs