Citi Group Cloud Security Senior Analyst 

Hungary 

105023957

Responsibilities:

• Full end to end security assurance activities in GCP including Vulnerability Assessments (preproduction, post-production), Purple Team exercises (Red and Blue team collaboration) to identify areas of risk and ensure any gaps are documented and remediated.

• Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in the cloud environment.

• Partner with Engineering and Operations teams to create, implement, and apply DevSecOps practices and processes that are consumed by developers across all sectors in Citi.

Qualifications:

• 5+ years of experience in a similar,offensive security relatedrole

• Offensive Security-oriented mindset (threat-modeling, vulnerability assessments, penetration testing, etc.).

• Hands-on experience with cloud platforms (GCP, AWS)

• Excellent understanding of cloud security concepts/best practices in various cloud Service Providers (for example: Azure/M365).

• Familiarity with the current threat landscape which GCP exists in. Understanding of recent breaches, APTs and common TTPs used to attack these platforms.

• Familiarity with securing containers and container orchestration frameworks (such as Kubernetes).

• Programming/scripting languages a plus (Python and PowerShell preferred, but not required).

• Ability to deliver presentations to technical and non-technical individuals.

• Fluency in English

Education:

• Bachelor's Degree or equivalent working experience

Nice to haves:

• Cloud security certifications: Azure Security Engineer Associate, Microsoft 365 Certified Security Administrator Associate, AWS Security Specialty, GCP Professional Cloud Security Engineer, etc.

• Container/Kubernetes certifications: CKA, CKAD, CKS, etc.

• Other security certifications: OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, etc.

Time Type:

View the " " poster. View the .

View the .

View the