Job Description

The ICG Technology Information Security Team is responsible for managing IS risk and providing controls and compliance guidance and support to Technology Development Units by ensuring compliance with Citi IS standards, policies, and procedures. The team needs to expand its capability to ensure secure deployment and adoption of internal and public Cloud for their applications and infrastructure with the required security guardrails. The CSA will have strong technical acumen and should establish strong foundation with secure design blueprints for Cloud deployment, working with application managers, domain architects, Cloud security and corporate IS teams and other disciplines. You will join an elite team of some of the smartest minds in the business that have been tasked with designing and deploying security guardrails for secure deployment and adoption of public Cloud to ensure that they are highly resilient from Internet-borne threats. You will work on some of the most cutting edge technologies and provide value by solving real world problems that our industry as a whole is facing. Your key stakeholders will be Cloud security domain architects, application development teams, our internal vulnerability assessment teams and the IS organization as a whole.

Responsibilities

Key responsibilities for this role will be

• Engage in the initial requirements definition (including analysis of threats and risks and alignment with Citi IS and Architecture standards) for internal and public Cloud usage
• Work with enterprise Cloud security team in design and development of security guardrails for secure deployment of applications in internal and public Cloud
• Conduct threat modeling and architecture risk analysis, for Cloud deployment projects, to ensure security gaps are identified during the design and recommend remediation actions.
• Plan the resolution of any identified vulnerabilities/issues and govern them for closure
• Security review of applications including responsibility for driving requirements definition and risk analysis
• Facilitate and support threat/architecture reviews and scenario analysis/red team exercises
• Provide SME support to projects and programs
• Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions

Qualifications

As Cloud Security Architect, you will review our most critical applications and their technology stack from top to bottom. Therefore, we require in depth subject matter expert knowledge of application security, with thorough understanding of infrastructure and network security in context of Cloud deployment.

• 10+ years of relevant experience
• Proven experience as Security Architect or Application Architect with Security knowledge is preferred
• Ideally candidate who has worked for a similar organization, with 5+ years of experience as application security consultant / penetration tester / security architect, with focus on secure deployment of Cloud strategy.
• Must have SME level knowledge of designing and implementing security guardrails for deploying applications in public Cloud environment.
• In depth understanding of public Cloud and application architectures and technologies
• Thorough understanding of industry and corporate technology standards for Information and Application Security
• Strong knowledge of software development/deployment methodologies in public Cloud environments
• Strong understanding of information security and risk analysis processes, including threat modeling.
• Industry certification such as CISSP, CCSP, and other vendor certification are highly preferred

————————————————-

Job Family Group:

Technology

————————————————-

Job Family:

Information Security

——————————————————

Time Type:

Full time

——————————————————

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries (“Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the “EEO is the Law” poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

How to Apply

Job Types: Full-Time.

491 total views, 0 today

Apply for this Job