A Cyber Architect (CA) is required to assess and manage technology risks and provide compliance guidance per Citi IS and application security standards and provide support to Technology Development Units in their internal and public solution implementations. The role involves understanding business objectives, identifying potential security risks, and creating robust security frameworks to mitigate these risks.
Responsibilities
Key responsibilities for this role will be:
- Engage in the initial requirements definition (including analysis of threats and risks and alignment with Citi IS and Architecture standards) for internal and publicly facing applications supporting the Markets organization.
- Work with enterprise Cloud security team in design and development of security guardrails for secure deployment of applications in internal and public Cloud
- Conduct threat modeling and architecture risk analysis, for Citi hosted efforts as well as for Cloud deployment projects, to ensure security gaps are identified during the design and recommend remediation actions.
- Help to assign risk associated with threats and architecture design elements being reviewed.
- Help plan the resolution of any identified vulnerabilities/issues and help govern them for closure
- Security review of applications including responsibility for driving requirements definition and risk analysis
- Facilitate and support threat/architecture reviews and scenario analysis/red team exercises
- Provide SME support to projects and programs
- Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
Qualifications
As Cyber Security Architect, you will review our most critical applications and their technology stack from top to bottom. Therefore, we require in depth subject matter expert knowledge of application security, with thorough understanding of infrastructure and network Security.
- 10+ years of relevant experience
- Proven experience as Security Architect or Application Architect with Security knowledge is preferred
- Ideally candidate who has worked for a similar organization, with 5+ years of experience as application security consultant / penetration tester / security architect, with focus on secure deployment of Cloud strategy.
- Must have SME level knowledge of designing and implementing security guardrails for deploying applications in public Cloud environment.
- In depth understanding of public Cloud and application architectures and technologies
- Thorough understanding of industry and corporate technology standards for Information and Application Security
- Strong knowledge of software development/deployment methodologies
- Strong understanding of information security and risk analysis processes, including threat modeling.
- Industry certification such as CISSP, CCSP, and other vendor certification are highly preferred
Education:
- Bachelor’s degree/University degree or equivalent experience
- Master’s degree preferred
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Full timeTampa Florida United States$113,840.00 - $170,760.00
Anticipated Posting Close Date:
Sep 17, 2024View the " " poster. View the .
View the .
View the