Cyber Security Architect (VP)

The Cyber Security Architect is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

• Plan, research, and design security architecture for IT systems and applications (internally developed as well as vendor supplied) for processing multiple classification levels of data on prem, and cloud.
• Determine the security controls for above, document appropriately and partner with IT architecture/development stakeholders to implement during early in system development life cycle
• Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals.
• Provide security recommendations including automated controls, configurations on projects, processes, risk exceptions, corrective action plans, and risk reduction initiatives
• Collaborate with the internal and external technology teams to drive the development of strategies and plans for improving both architecture and application security
• Establish relationships with cross-functional areas including Business, Technology, and Compliance stakeholders and serve as a SECURITY subject-matter expert
• Manage risk by analyzing the root cause of security issues, determining compensating controls, and driving remediation
• Support Global Information Security policies, standards, and initiatives development and implementation by representing in different Citi action groups such as Delegated Action Groups (DAG).

Qualifications:

• Additional technical certifications are preferred
• Demonstrated ability to research and apply current information regarding the IS field
• Consistently demonstrates clear and concise written and verbal communication
• Proven analytical skills
• Threat modelling using industry standard methodologies (e.g. STRIDE/DREAD) Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls
• Security architecture assessments for one or more IT systems such as Web, Mobile, APIs/Microservices, Cloud (AWS/GCP/Azure/Oracle)
• Strong knowledge of security for applications related to authentication / authorization, data protection, session management, data validation, and end point protections.

What we’ll provide you:

• 27 days annual leave (plus bank holidays)
• A discretional annual performance related bonus
• Private Medical Care & Life Insurance
• Employee Assistance Program
• Pension Plan
• Paid Parental Leave
• Special discounts for employees, family, and friends
• Access to an array of learning and development resources

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi. View Citi’s EEO Policy Statement and the Know Your Rights poster.