Skip to main content



The health and safety of our colleagues and candidates for employment are our highest priority. Accordingly, Citi continues to monitor the COVID-19 situation closely. We have implemented precautionary measures across our firm globally, including conducting all candidate interviews virtually on a temporary basis until further notice where needed.

Technology/Cyber Operational Risk; Director – Head of Enterprise Technology Architecture & Engineering Risk

Job Req ID 22526692 Location(s) New York, New York Job Category Risk Management
Apply Now

Job Description
The Operational Risk Management (ORM) Group at Citi is the firms reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses. The ORM Enterprise Technology and Cyber Risk (ETCR) group provides the specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscious of the bank. In line with the ORM framework, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.

Reporting into the Global Head of Enterprise Tech/Cyber Architecture & Engineering Risk, the Head of Technology Architecture & Engineering Risk will be providing leadership with oversight for enterprise technology Risk. 

Ideal candidate will be strategic, proven leader, strong technically, provide thought leadership, having strong industry engagement, and strong relationship builder that can influence and challenge effectively; will have experience with building and maintain teams, providing guidance and mentorship.

The following highlight the coverage area responsibilities for this position:
•    Provide leadership to the Second Line influence and challenge of enterprise technology architecture and engineering programs including Enterprise Architecture, Cloud, Enterprise infrastructure, inventory, SDLC, Tech Policies and Standards, and any other enterprise technology architecture and engineering activity. Ability to identify aggregate technology risk across the enterprise.
•    Oversight of the establishment and implementation of architecture, standards and frameworks as prescribed through the Chief Technology Office.
•    Oversight of the enterprise Operations & Technology including the review of the standards and programs across the enterprise, and oversight of entire enterprise technology portfolio
•    Influence, and challenge on emerging technologies including Artificial Intelligence/Machine Learning, and Digital Ledger Technology
•    Actively engaged in the industry on latest in Technology Risk, and Emerging Operational Risks. 
•    Oversight of planning, and implementation of enterprise Public Cloud program including governance, SDLC, controls, and implementation
•    Provide oversight, Influence and challenge as the organization implements the Transformation program
•    Oversight of the establishment and implementation of SDLC and it’s automation.
•    Oversight of the planning, delivery, and governance of enterprise Inventory Data and Enterprise Application Services including standards, governance, data modeling and other technical specs, APIs, and developer experience.
•    Oversight of the delivery and performance of enterprise technology infrastructure solutions, including the standards and governance for safe adoption and leverage of cloud solutions
•    Able to present and lead discussions with key Regulators, internal and external auditors, as well the Risk and Audit sub-committees.
Building upon Citi’s Operational Risk Management Framework, this Director position will have responsibility to perform independent assessment of technology and other operational inherent risks in Citi’s infrastructure and security programs and services and reviewing the acceptability of residual risk.
Working with colleagues in Risk, as well as technology, business and other control functions, the Head of Enterprise Technology Architecture & Engineering Risk will contribute to the following:
•    Governance and Oversight of technology risk while supporting the development of policy and standards; oversight of Key Operational Risks; challenge risk self-assessments and scenario analysis; issue management oversight and escalations. 
•    Advise on best practices leveraging expertise and industry insights

Additional responsibilities include:
•    Participation in various enterprise councils including Enterprise Architecture Council and Data Architecture Council.
•    Manage Emerging Operational Risks process and it’s tracking 
•    Development of Position Papers to facilitate the establishment of key principles for governing and execution. 
•    Evaluate the design of controls and help technology and business managers understand the impact of control weaknesses to their service delivery capability.
•    Review and challenge coverage area appropriately consider significant operational risk in their Management Control Assessments (MCAs).
•    Evaluate the extent to which Citi follows internal and external control standards, as well as regulatory and audit requirements.
•    Review of the performance of universal key indicators and other metrics in support of the Technology and Cyber Risk Appetite Statements.
•    Coordinate with Operational Risk Management partners, and provide technology risk SME guidance

Knowledge /Experience
The Head of Enterprise Technology Architecture & Engineering Risk will be an acknowledged thought leader in technology risk management with over 15 years of technical experience in technology, team management, infrastructure, and emerging technologies with globally complex, dispersed, and diverse organizations.

This individual should have the following experience and skills:
•    Strong knowledge of enterprise technologies and associated risks
•    Effectively lead a strong team of technology risk and control professionals
•    Knowledge of full system, software, and security development lifecycle.
•    Experience with the management and oversight of technology infrastructure components such as Network, servers, databases, and data center design and operations.
•    Strong knowledge of risks with emerging technologies, such as AI/ML, and Blockchain
•    Knowledge of Information Security and Cyber security controls, technologies, operations, and operational response processes.
•    Knowledge of Cloud security and controls, including secure design patterns and governance
•    Experience with reviewing and evaluating Enterprise technology architecture design and solutions to include reviewing the people, process, and technology components.
•    Knowledge of the risks and underlying controls that support the integration, testing and support to business application and services, to include ATMs, Payment Systems, Mobile Applications, and Banking applications.
•    Working familiarity with data warehousing and big data environments.
•    Strong analytical and problem-solving skills
•    Experience presenting to Executive Committees and other senior forums

Strong Leadership Skills:
•    Provides leadership in risk identification, key risk indicator identification, and risk mitigation strategies in the domain of technology management.
•    Engages business and technology managers to identify key control indicators and maintain effective and efficient continuous control monitoring processes.
•    Strong analytical and problem-solving skills.
•    Excellent communication and presentation skills


Job Family Group:

Risk Management


Job Family:

Operational Risk


Time Type:

Full time


Primary Location:

New York New York United States


Primary Location Salary Range:

$170,000.00 - $300,000.00


Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting


Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.

Apply Now
  • Join our team
    of 220,000+
    strong diverse employees

  • Socially minded employees volunteering in communities across 90 countries

  • Meaningful career opportunities thanks to a physical presence in over 95 markets

We foster a culture that embraces all individuals and encourages diverse perspectives, where you can make an impact and grow your career. At Citi, we value colleagues that demonstrate high professional standards, a strong sense of integrity and generosity, intellectual curiosity, and rigor. We recognize the importance of owning your career, with the commitment that if you do, we promise to meet you more than half way.

Saved Jobs

You have no saved jobs

Previously Viewed Jobs

You have no viewed jobs