Who ❤️ PJ →

Full Search

This job listing has expired and may no longer be relevant!
11 May 2021

Full-Time Senior Cloud Security Architect (SVP) 21256147

Citi – Posted by ccorrale97 Anywhere

Job Description

Cloud Application Security Architect will be part of CITI’s Chief Information Security Organization (CISO). This role is an individual contributor who will be responsible for Security Architecture and Threat modeling, which includes governance, public cloud services, technical evaluation, and security reviews for Citi’s Public Cloud Providers.

This position requires close collaboration and partnership with Engineering, Information Security, Program Management, and Development organizations. The candidate will perform technical architecture review to determine where security can be, to identify threats that can be exploited, and prescribe how to mitigate those threats.

The goal of the CISO Public Cloud Security Engineering team is to enable adoption of cloud security practice through secure solutions and methodologies, improving the security posture of public cloud infrastructure, and streamlining cloud adoption while complying with standards and regulations. The responsibilities include:

• Act as a security advisor to developers, architects, engineers, security engineers and other stakeholders to ensure we design confidentiality, integrity, resiliency, and privacy into cloud platform.
• Create security specifications, develop processes and evaluate tools for the secure adoption of cloud services (AWS, GCP, Azure)
• Oversee cloud related projects to ensure appropriate usage of Public Cloud Services and security methodologies used.
• Drive adoption of embedded cloud security controls as part of the Software Development Life Cycle (SDLC) in agile methodology, including automated tools.
• Develop and improve threat model process and continuously improve towards optimal delivery
• Evaluate 3-rd party Cloud services, systems, tools and solutions.
• Collaborate with line of business development organizations as well as security engineering and testing teams in a leadership and advisory role.
• Work with standardization and regulatory frameworks such as NIST, Cloud Security Alliance, COSO, SOC 2, FIDO, etc.
• Ability to explain technical jargon to non-technical business partners.
• Solid understanding of basic application security vulnerabilities (OWASP top 10) and countermeasures to reduce related risks.
• Strong knowledge and experience Threat Modeling, utilizing any Risk Methodology

Qualifications:
• Bachelor’s (Information Security/Computer Science/Electronics and Engineering/Information Technology), or equivalent work experience
• 7+ years of experience in information security or information technology management, and 3+ years of experience in Cloud Security Architecture
• Excellent problem-solving abilities and analytical skills. Ability to see the big picture with high attention to critical details
• Strong work ethic with excellent use of discretion and judgment
• Ability to work across lines of business to lead threat modeling teams
• Works in DevSecOps environment using Atlassian work suite (Jira, Confluence)
• Ability to work under pressure, meet challenging deadlines
• Demonstrated ability to work effectively both as part of a team and independently
• Effective communicator; has excellent writing and verbal skills
• Has the ability to influence others and shape the desired outcome in areas outside of direct control
• Demonstrated ability to develop and implement process improvement initiatives.
• Generalist with a technical background in IAM, Logging, operating systems, middleware, security technologies, and network architectures
• Direct hands-on experience in securing public cloud providers, such as Amazon AWS, Azure, and GCP
• Working knowledge of Agile, SAFe, or DevSecOps
• Working knowledge of GIT, JIRA, Jenkins, CloudFormation, Terraform, and other Agile CI/CD tooling

Preferred Qualifications:
• Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
• Cloud Computing certifications such as CCSK, AWS, Azure, and GCP a plus
• Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
• Exposure to agile development, DevOps, SecOps and scrum teams
• Hands-on-experience with cloud security designs on AWS, GCP or Azure
• Development experience (python, Node)
• Strong desire to learn and contribute solutions and ideas to broader team

Leadership Qualities:
• Self-motivated with the ability to work independently and as a team member with minimal direction
• Ability to provide effective leadership and subject matter expertise in Information Security topics to senior management, technology and business partners
• Employ influencing skills to obtain buy-in and participation from various groups and stakeholders without direct control
• Build and maintain collaborative relationships with partners, clients and peers
• Ability to communicate effectively at different levels of the organization, and with various technical and business audiences
• Excellent problem solving abilities and analytical skills. Ability to see the big picture with high attention to critical details
• Dedicated and self-driven desire to research current information security landscape
• Excellent organizational, interpersonal, and project management skills
• Excellent communication skills both written and oral
• Record of accomplishment in managing work to achieve milestones on global projects on time and within budget in a fast-paced environment

————————————————-

Job Family Group:

Technology————————————————-

Job Family:

Systems & Engineering——————————————————

Time Type:

——————————————————

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries (“Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the “EEO is the Law” poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

Share this role online (there may be a referral fee*)

How to Apply

https://jobs.citi.com/job/new-york/security-architect-threat-modeling-svp/287/7538899872

Job Types: Full-Time.

380 total views, 0 today

Apply for this Job