Cloud/Web Application Security Architect (Vp)

Citigroup Inc. Tampa , FL 33602

Posted 2 months ago

  • Primary Location: United States,Florida,Tampa

  • Education: Bachelor's Degree

  • Job Function: Technology

  • Schedule: Full-time

  • Shift: Day Job

  • Employee Status: Regular

  • Travel Time: Yes, 10 % of the Time

  • Job ID: 19007855


An Application Security Architect (ASA) is required to assess and manage technology risks and provide compliance guidance per Citi IS and application security standards and provide support to Technology Development Units in their development Lifecycle.

The ICG Technology Information Security Team is responsible for managing IS risk and providing controls and compliance guidance and support to Technology Development Units by ensuring compliance with Citi IS standards, policies, and procedures, liaising with corporate IS and driving secure SDLC initiative for ICG sector. The team needs to expand its capability to ensure security requirements are assessed for Cloud projects and architecture/design of the hybrid Cloud usage incorporates required security measures.

The ASA will have strong technical acumen and should establish relationships with application managers, domain architects, project managers and corporate IS and other disciplines. You will join an elite team of some of the smartest minds in the business that have been tasked with performing threat modeling exercises and proposing technical controls for our top most critical applications to ensure that they are highly resilient from Internet-borne threats. You will work on some of the most cutting edge technologies and provide value by solving real world problems that our industry as a whole is facing. Your key stakeholders will be application development teams, our internal vulnerability assessment teams and the IS organization as a whole.


  • Engage in the initial requirements definition for Cloud projects (including analysis of threats and risks and alignment with Citi IS and Architecture standards)

  • Conduct threat modeling and architecture risk analysis, including Secure SDLC testing requirements throughout the development lifecycle

  • Plan the resolution of any identified vulnerabilities/issues

  • Security review of applications including responsibility for driving requirements definition and risk analysis

  • Facilitate and support threat/architecture reviews and scenario analysis/red team/tabletop exercises

  • Identify enhancements to IS tools, standards, and processes

  • Provide SME support to projects and program

About Citi:

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.

Citi's Mission and Value Proposition explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients' and the public's trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.

Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.


  • Bachelor's Degree (IT related field), or equivalent work experience

  • 5+ years of experience as an application security consultant / penetration tester / security architect

  • SME level knowledge of web application vulnerabilities and web application business logic flaws and threats. Specific knowledge on secure implementation in the hybrid Cloud environment is required

  • In depth, hands-on understanding and application architectures and technology (including web applications, mobile technology, identity and access management)

  • Demonstrable experience with mobile application security, HTML5, Web Services assessment, identity management will be highly regarded

  • Thorough understanding of industry and corporate technology standards for Information and Application Security

  • Detailed familiarity with code reviews and security hacking tools and techniques

Apply Now

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cloud Security Architect

Amgen Inc.

Posted 1 week ago

VIEW JOBS 4/10/2019 12:00:00 AM 2019-07-09T00:00 Career CategoryInformation SystemsJob Description Amgen is searching for a Specialist IS Architect, Cloud Security Specialist, who will report to the Senior Manager Information Systems and will be based in Tampa, FL, at Amgen's new Capability Center. At Amgen, our mission is simple: to serve patients. Our new Tampa Capability Center provides essential services that enable us to better pursue this mission. This state-of-the art center serves as a base for finance, information systems, and human resources professionals to make a meaningful impact at one of the world's leading biotechnology companies. As a Specialist IS Architect, you will be a technical cloud security generalist for diverse cloud solutions. You will be part of the cloud security team and will be responsible for incident management, change execution, and the maintenance and support of cloud security technologies in a rapidly changing security sector. The Architect will be responsible for delivering world-class security systems and tools management related to the cloud technologies. They will play a key role in designing, deploying and maintaining solutions, automate security assessments, audits, policy and standard enforcements, and more. Job Responsibilities * Management and implementation of technologies and processes relating to assigned Global Information Protection capability including issue identification and resolution, integration with other tools, documentation, gap assessment, gap resolution and continuous improvement of the capability * Keep up-to-date, make recommendations, and participate in the implementation and continuous improvement of technologies and services in assigned information security domains * Work with and provide guidance to Security Operations and other Global Information Protection team activities on security strategies, processes, response and technologies * Support Incident Response on security incidents including contributing to mock security incident exercises * Define, provide, and improve measurement and analysis on the assigned services including the use of appropriate applications and tools for reporting * Develop or participate in the development of business cases and presentations on information security technologies of interest to Amgen * Advise project teams, application owners, and other Information Security teams on information security controls * Perform security design consulting in support of projects including participation in security architecture reviews as necessary * Participate in projects or initiatives where an IS Security Engineer is needed with a focus on ensuring inclusion of information security requirements * Provide mentorship and training on areas of expertise to Global Information Protection and Amgen teams * Collaborate, maintain and build relationships with Amgen and other parties that may impact Information Security services and technologies * Participate in audits covering information security services and technologies * Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services * Develop, implement, and sustain operational scripts, data structures, libraries and programming code that optimize security in emergent compute patterns with diverse applications throughout the global environment * Analyze, design, develop and operate programs, shell scripts, tests, and infrastructure automation capabilities in an advanced security context * Collaborate cross-functionally with analysts, engineers, data scientists to achieve continuous improvement in cyber defense/resilience Basic Qualifications: Doctorate degree OR Master's degree and 2 year of Information Systems and/or Computer Science experience OR Bachelor's degree and 4 years of Information Systems and/or Computer Science experience OR Associate's degree and 10 years of Information Systems and/or Computer Science experience OR High school diploma / GED and 12 years of Information Systems and/or Computer Science experience Preferred Qualifications * Good hand-on experience with AWS foundation services related to compute, network, storage, content delivery, administration and security, deployment and management, automation technologies * Technical experience should have Strong micro services programming (AWS Lambda, Docker, etc.) * Extensive experience architecting, designing and programming applications and RESTFUL Services in an AWS Cloud environment Experience architecting highly available systems that utilize load balancing, horizontal scalability and high availability * DevOps experience building and deploying infrastructure with cloud deployment, build and test automation technologies like ansible, chef, puppet, docker, jenkins, etc. * Experience using AWS Cloud Services (EC2, DynamoDB, API Gateway, RDS, Lambda, CloudFront, CloudFormation, CloudWatch, Route 53, etc.) * Skilled programmer with sufficient experience in high level programming languages such as C++, C#, Java, Python, Visual Basic * Experience in complex enterprise environments and current technology areas like cloud and mobility * Excellent verbal and written communication skills * Effective working with global, virtual teams * Successful management of multiple priorities * Team-oriented, placing priority on the successful completion of team goals * Self-starter with a high degree of initiative * Experience with regulated systems (GxP, SOX) in the pharmaceutical, biotechnology, healthcare industry * Excellent analytical and troubleshooting skills * Experience with complex technologies that impact security * CISSP or equivalent security-related industry certifications * AWS Certified Associate or higher Amgen focuses on areas of high unmet medical need and leverages its expertise to strive for solutions that improve health outcomes and dramatically improve people's lives. A biotechnology pioneer since 1980, Amgen has grown to be one of the world's leading independent biotechnology companies, has reached millions of patients around the world and is developing a pipeline of medicines with breakaway potential. Join Us If you're seeking a career where you can truly make a difference in the lives of others, a career where you can work at the absolute forefront of biotechnology with the top minds in the field, you'll find it at Amgen. Amgen, a biotechnology pioneer, discovers, develops and delivers innovative human therapeutics. Our medicines have helped millions of patients in the fight against cancer, kidney disease, rheumatoid arthritis and other serious illnesses. As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other but compete intensely to win. Together, we live the Amgen values as we continue advancing science to serve patients. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. . Amgen Inc. Tampa FL

Cloud/Web Application Security Architect (Vp)

Citigroup Inc.