Senior Vice President, Cyber Architect
6460 LAS COLINAS BLVD IRVING
Full Time Senior-level / Expert USD 156K - 234K
Citi
Citi is a leading global bank for institutions with cross-border needs, a global provider in wealth management and a U.S. personal bank.Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.
Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.
The Cyber Architect is a senior-level CISO professional, and this position supports the Global Functions and Technology business. The Cyber architect works as a trusted security advisor to the Application Development and Engineering teams to ensure solutions are developed in line with security requirements, architecture principals as well as policy/standards, and facilitate security-related discussions. The Cyber architect will engage with stakeholders throughout the system development lifecycle to ensure proper technology information security risk considerations are addressed at each phase of the system development life cycle and provide proactive solutions to remediate or mitigate risk. The individual should demonstrate an understanding of application security and will exercise judgment within existing practices and policies.
You will join an experienced team of IS specialists that have been tasked with performing Is assessments including threat modeling and proposing technical controls for our business-critical applications. You will work on some of the most cutting-edge technologies and provide value by solving real world problems. Your key stakeholders will be application development teams, product, the CISO, Risk and Control partners.
Excellent communication skills required in order to negotiate internally, often at a senior level. Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers. Accountable for significant direct business results or authoritative advice regarding the operations of the business. Necessitates a degree of responsibility over technical strategy. Primarily affects a sub-function. Responsible for handling staff management issues, including resource management and allocation of work within the team/project.
Responsibilities:
- Provides architectural vision for all IT systems, including those that support Internet applications, ensuring that architecture conforms to enterprise blueprints.
- Develops security architecture, strategy, planning, and problem solving IT solutions including emerging technologies for processing data on prem, and cloud.
- Perform security architecture and risk assessment of internally developed, and vendor IT systems and applications leveraging best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals.
- Develop strategies and security controls for above, and partner with IT architecture/development stakeholders to implement during early in system development life cycle.
- Ensure that security architectures are resilient, reliable, and scalable.
- Provide security recommendations including automated controls, security configurations and advise on strategies as well as compensating controls to manage risk to acceptable tolerance levels.
- Perform root cause analysis, identify thematic security architecture improvements, and create security patterns as well as frameworks that can accelerate faster secure delivery of products to market.
- Ensure compliance of IT systems with Citi information security policies, standards, and processes.
- Shape Global Information Security policies, standards, and program leveraging subject matter knowledge, as well as industry partnerships.
- Establish relationships with cross-functional areas including Business, Technology, and Compliance stakeholders and serve as a security subject-matter expert.
- Promote awareness and provide consistent interpretation of security policy to technology and business teams.
- Interfaces across several channels, acting as a visionary to proactively assist in defining direction for future projects.
- Maintains continuous awareness of business, technical, and infrastructure issues and acts as a sounding board or consultant to aid in the development of creative solutions.
- Interfaces with vendors to assess their technology and to guide their product roadmap based on Citi requirements.
- Exhibits in-depth knowledge of how own specialism contributes to the business and has a good understanding of the commercial environment.
- Impacts the technology function through contribution to technical direction and strategic decisions.
- Uses developed communication skills to negotiate and often at higher levels.
- Performs other job duties and functions as assigned
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
Qualifications:
- Sound understanding of Information security domains such as Identity access management, Cryptography, Data protection, Vulnerability Assessment, Audit Logging/Monitoring, etc.
- 10+ years as Security Architect assessing IT infrastructure, applications and vendor SaaS solutions is required.
- Proficiency with security frameworks and standards (e.g. TOGAF, SABSA, MITRE ATT&ACK, NIST 800-53, ISO 27001),
- Threat modelling using industry standard methodologies (e.g. STRIDE/DREAD/MITRE) is must
- Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls.
- Sound understanding and security architecture/engineering experience with one or more IT systems such as
- Cloud (e.g. AWS/GCP/Azure/Oracle)
- Containerization and Virtualization technologies such as Kubernetes ( OpenShift, AWS EKS, Google GKS), Service Mesh ( Istio ), Kubevirt and VMWare
- Firewall, Network Security, Software Defined Networks, CASB, SASE and Micro segmentation.
- Middleware and Webserver technologies such as IBM Websphere, Tomcat, Apache Webserver, IIS and NGINX
- API Gateway technologies such as Apigee Edge, Kong and AWS API Gateway.
- Enterprise scale Web and Mobile applications
- Authentication security patterns involving OpenID connect, Oauth, SAML, Kerberos specifications in hybrid environment.
- Infrastructure as Code (IaC) for automation. Experience with IaC products/tools such Terraform, Chef and Ansible.
- Good knowledge of software development processes (SLDC/Agile/Iterative/DevOps)
- Software development experience is a plus
- Strong inter personnel skills and ability to influence outcomes in the collaborative environment.
- Strong communication skills interacting with senior technology and business management.
- Consistently demonstrates clear and concise written and verbal communication
- Management and prioritization skills
- Ability to manage multiple activities and changing priorities
- Ability to work under pressure and to meet tight deadlines
- Self-starter with ability to take the initiative and master new tasks quickly
- Methodical, attention to detail
Education:
- Bachelor’s/University degree or equivalent experience, potentially Masters degree
Certifications:
- Industry standard security certifications is plus (e.g. ISACA, ISC2, CSPs)
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
------------------------------------------------------
Job Family Group:
Technology------------------------------------------------------
Job Family:
Architecture------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Primary Location:
Irving Texas United States------------------------------------------------------
Primary Location Full Time Salary Range:
$156,160.00 - $234,240.00
In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.
------------------------------------------------------
Anticipated Posting Close Date:
Nov 07, 2024------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting
Tags: Agile Ansible API Gateway APIs Application security Automation AWS Azure Banking CASB CISO Cloud Compliance Cryptography DevOps Firewalls GCP ISACA ISO 27001 IT infrastructure Kerberos Kubernetes Monitoring Network security Nginx NIST NIST 800-53 OpenID Oracle Risk assessment SaaS SAML SASE Strategy Terraform TOGAF Tomcat VMware
Perks/benefits: Career development Competitive pay Health care Insurance Medical leave Startup environment Transparency Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.