The Digital Web & Mobile Security Senior Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

Prevent and drive to clear the outstanding safety and soundness items by assessing and predicting the potential risk items before it becomes an issue / escalation.
Assess priorities across multiple safety and soundness items and drive those critical ones similar like driving high priority production items and never settle until it is closed
Drive our outstanding safety and soundness items across all teams to closure and turn it around to become prevention instead of reacting to issues.
Operate independently including the ability to provide executive summary for safety and soundness issues for executive consumption without a need for a continuous review.
Review existing security architectures, identify design gaps, and recommend security enhancements.
Act as an advocate for the application security architecture. Communicates and educates on the IS Architecture and roadmap.
Develop security design pattern by identifying broader and emerging IS issues.
Provides architecture consulting across the bank to project teams and other architects.
Prioritize architecture deliverables, and establish short-term, mid-term and long-range architecture plans. Facilitates the migration to the reference architecture in a way that enables and supports the strategic plan.
Maintains understanding of business issues, operating procedures and priorities.
Actively seeks opportunities for increased business and IT agility.
Understand current as well as emerging security threats and reflect changes in security architecture to mitigate threats.
Streamline and / or eliminate excess process in any area of architecture, build, delivery, production operations environment, or business area where the same efforts (or issues) are repeated year-over-year.
Share knowledge with the team in various forums (brown bags, engineering forums etc.) and demonstrate a higher level of knowledge through industry certifications
Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

Candidates should have in-depth subject matter expertise of application and data security, with thorough understanding of infrastructure and network security. Requirements include:

5+ years of experience as application security consultant / security expert.
SME level knowledge of web application vulnerabilities and web application business logic flaws and threats
In depth and hands-on understanding and application architectures and technology (including web applications, mobile technology, web 2.0 technology, identity and access management)
Demonstrable experience with mobile application security, HTML5, Web Services/API assessment, identity management will be highly regarded.
Thorough understanding of industry and corporate technology standards for Information Security
Expert in latest Internet and Mobile technology with strong architectural and design knowledge
Detailed familiarity with security hacking tools and techniques.
Excellent written and oral English communication skills

Education:

Bachelor’s/University degree or equivalent experience

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

------------------------------------------------------

Job Family Group:

Technology

------------------------------------------------------

Job Family:

Digital Software Engineering

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.

Prevent and drive to clear the outstanding safety and soundness items by assessing and predicting the potential risk items before it becomes an issue / escalation.
Assess priorities across multiple safety and soundness items and drive those critical ones similar like driving high priority production items and never settle until it is closed
Drive our outstanding safety and soundness items across all teams to closure and turn it around to become prevention instead of reacting to issues.
Operate independently including the ability to provide executive summary for safety and soundness issues for executive consumption without a need for a continuous review.
Review existing security architectures, identify design gaps, and recommend security enhancements.
Act as an advocate for the application security architecture. Communicates and educates on the IS Architecture and roadmap.
Develop security design pattern by identifying broader and emerging IS issues.
Provides architecture consulting across the bank to project teams and other architects.
Prioritize architecture deliverables, and establish short-term, mid-term and long-range architecture plans. Facilitates the migration to the reference architecture in a way that enables and supports the strategic plan.
Maintains understanding of business issues, operating procedures and priorities.
Actively seeks opportunities for increased business and IT agility.
Understand current as well as emerging security threats and reflect changes in security architecture to mitigate threats.
Streamline and / or eliminate excess process in any area of architecture, build, delivery, production operations environment, or business area where the same efforts (or issues) are repeated year-over-year.
Share knowledge with the team in various forums (brown bags, engineering forums etc.) and demonstrate a higher level of knowledge through industry certifications
Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

Candidates should have in-depth subject matter expertise of application and data security, with thorough understanding of infrastructure and network security. Requirements include:

5+ years of experience as application security consultant / security expert.
SME level knowledge of web application vulnerabilities and web application business logic flaws and threats
In depth and hands-on understanding and application architectures and technology (including web applications, mobile technology, web 2.0 technology, identity and access management)
Demonstrable experience with mobile application security, HTML5, Web Services/API assessment, identity management will be highly regarded.
Thorough understanding of industry and corporate technology standards for Information Security
Expert in latest Internet and Mobile technology with strong architectural and design knowledge
Detailed familiarity with security hacking tools and techniques.
Excellent written and oral English communication skills

Education:

Bachelor’s/University degree or equivalent experience

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

------------------------------------------------------

Job Family Group:

Technology

------------------------------------------------------

Job Family:

Digital Software Engineering

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Digital Web & Mobile Security Senior Analyst

Digital Web & Mobile Security Senior Analyst

Digital Web & Mobile Security Senior Analyst

Location

Workplace

Type

Posted

Website

Similar Jobs

Company

For job seekers

For companies

Cyber Security jobs

Digital Web & Mobile Security Senior Analyst

Digital Web & Mobile Security Senior Analyst

Digital Web & Mobile Security Senior Analyst

Location

Workplace

Type

Posted

Website

Similar Jobs

Digital Web & Mobile Security Senior Analyst

Senior Security Analyst - Bug Bounty

Senior C++ Software Engineer with Cloud Development Experience - TS/SCI with Polygraph