Asia Cyber Security Operations Lead (Director)

Job Summary

Citigroup seeks an experienced, proactive, and innovative Asia Cybersecurity Operations (CSO) Cluster Lead, representing Japan, Japan, Australia (JANA) and Asia South. This role will be a peer to the Deputy Fusion Center Head and will support the overall cybersecurity posture of the firm by leading efforts across Security Operations Centers, Offensive Security, Vulnerability Management, and the Cyber Fusion Center. This role will contribute to protecting the firm, its customers, and partners from sophisticated global cyber threats, assisting in leading operational excellence, fostering customer focus, and supporting large-scale cyber and digital transformations across the cluster.

Key Responsibilities

The Asia Cybersecurity Operations Cluster Lead will assist and, in some cases, directly manage and optimize key Cybersecurity operational capabilities under the guidance of the Global Head of Cyber Fusion and relevant regional leadership, including:

• Cybersecurity Operations Cluster Leadership: Contribute to and manage aspects of Cybersecurity Incident Response and Crisis Management within the JANA and Asia South regions.
• Oversee Hunting Operations and Threat Defense initiatives to proactively identify and neutralize threats.
• Lead and manage Penetration Testing, Vulnerability Management, and Red Team activities within the cluster.
• Support Third-party incident response and management processes.
• Assist in Critical Vulnerability response and remediation initiatives.
• Participate in and lead specific Cyber Exercises Program activities.
• Contribute to Cyber Threat Intelligence efforts and analysis.
• Support Cyber Data Analytics and reporting for regional operations.
• Assist in the development and implementation of Cybersecurity risk mitigation programs.

Strategic Support

Pro-actively support the Global Head in evolving the Cyber Fusion function and other cybersecurity operational capabilities, contributing to the development and implementation of a comprehensive strategy aligned with Citigroup's business enablement & efficiency objectives and security posture within the JANA and Asia South regions. Help foster a culture of innovation, collaboration, and continuous improvement within the team.

Transformation and Innovation

Assist in driving large-scale cyber transformations, leveraging industry best practices and emerging technologies to enhance the firmwide security posture. Support the adoption of innovative solutions to address evolving threats.

Collaboration and Alignment

Communicate effectively with relevant stakeholders, providing updates on cyber events and incidents, threat landscape, and Cybersecurity performance as directed, both regionally and globally.

Qualifications

• Experience: 15+ years of experience in cybersecurity and financial services, with demonstrated leadership experience within security operations or similar functions.
• Track Record: Proven track record of contributing to and managing security operations and supporting transformative change.
• Technical Acumen: Strong understanding of the cyber threat landscape, attack vectors, and mitigation strategies. Expertise in aspects of Security Operations Centers (SOC), Incident Response, Hunting Operations, Threat Defense, Penetration Testing, Vulnerability Management, Red Team operations, threat intelligence, and cybersecurity models.
• Skills: Strong communication, interpersonal, and team collaboration skills, with the ability to operate effectively across diverse regional cultures.
• Work Environment: Ability to work effectively in a fast-paced, high-pressure environment.

Skills Profile

Leadership & Strategic Vision:

• Cybersecurity Leadership: Demonstrated ability to lead and motivate cybersecurity teams, manage projects, and contribute to strategic direction under pressure across multiple functions (SOC, Offensive Security, VM, Fusion Center).
• Strategic Thinking: Capacity to assist in developing and implementing comprehensive Cybersecurity strategy aligned with business objectives and industry best practices across the JANA and Asia South regions.
• Transformation & Innovation: Experience supporting large-scale cyber and digital transformations, fostering a culture of innovation and continuous improvement.
• Communication: Effective communication and interpersonal skills, including presenting to various stakeholders on cybersecurity incidents and emerging threats.
• Mentorship & Talent Development: Ability to mentor, coach, and develop cybersecurity talent within assigned teams or initiatives.

Cybersecurity Operations Expertise:

• Incident Response & Crisis Leadership: Experience supporting complex incident response and crisis management activities, demonstrating decisive decision-making and effective communication in high-stakes situations. This includes experience with third-party incident management and critical vulnerability response.
• Hunting Operations & Threat Defense: Demonstrated experience in proactively searching for and responding to threats, and implementing defensive strategies.
• Penetration Testing & Red Team Operations: Strong understanding and experience with offensive security methodologies, including planning and executing penetration tests and red team engagements.
• Vulnerability Management: Expertise in managing vulnerabilities, including identification, assessment, prioritization, and remediation strategies.
• Threat Intelligence & Analytics: Strong understanding of cyber threat intelligence principles and practices, including experience with threat intelligence platforms and cyber data analytics.
• Security Operations: Expertise in security operations methodologies, technologies, and best practices, including experience with SIEM, SOAR, EDR, and other leading security tools.
• Insider Threat & Compliance: Knowledge of insider threat programs and global compliance monitoring frameworks.

Technical Acumen & Innovation:

• Emerging Technologies: Familiarity with emerging security technologies, including ML/AI-driven security solutions, and the ability to evaluate and implement innovative solutions.
• Cloud Security: Experience with cloud security best practices and technologies.
• Digital Transformation: Understanding of digital transformation principles and how they impact cybersecurity strategy and operations.

Collaboration & Partnership:

• Cross-Functional Collaboration: Proven ability to collaborate effectively with diverse stakeholders, including technology teams, business functions, and management across different regions.
• External Partnerships: Experience supporting relationships with external partners, including industry peers, vendors, and government agencies.

Key skills/competency

• Cybersecurity Operations
• Incident Response
• Vulnerability Management
• Threat Intelligence
• Penetration Testing
• Security Operations Center (SOC)
• Red Team Operations
• Cyber Fusion Center
• Risk Mitigation
• Information Security