Security Operations (SOC) Security Architect

Trust is part of our DNA at Citi.

As such we take safeguarding our customer data information very seriously.

The Chief Information Security Office (CISO) is made up of deeply dedicated and talented colleagues who work together to ensure the safety of Citi’s and our clients’ assets and information.

We manage information security as one end-to end program
– one with a clear mandate and accountability.

Our mission is to continually execute and enhance a global security program that is fully anchored to modern control and security frameworks, fully aligned with the technology of the firm, threat-focused and data-driven, and deeply integrated across all Citi businesses globally.

Being talent-driven, we are focused on attracting and developing diverse and inclusive talent with a high technical skill level.

As a member of our team we will provide you with career development opportunities at all stages of your career.

Our employees model a passion for protecting Citi, our customers and clients, and believe in treating others with dignity and respect.

A strong enterprise cybersecurity architecture organization is necessary to enable Citi businesses to operate safely.

The Enterprise Cyber Security Architecture organization is responsible for implementing a robust enterprise security architecture practice to ensure Citi is reducing the risk to all threat surfaces with the right capabilities and controls and continuously progressing towards a target state.

A key element of this practice is the development and implementation of a Security Operations (SOC) Security Architecture.

This role develops and operationalizes CITI’s enterprise security architecture that is focused on ensuring CITI’s global security operations (SOC) and incident response functions are making security decisions faster and most effectively managing cyber threats to continuously reduce risk.

The Security Operations domain includes: (1) monitoring and alert management; (2) incident investigation and forensics; (3) security and compliance reporting; and (4) assessment and remediation reporting.

This role requires a strong understanding of current and future cyber security operations and incident response functions.

Future functions include such items as: continuous malicious code detection; open source vulnerability management; and predictive detection.

The successful candidate will be adept at creating secure architectures and design patterns that are implementable and continuously reducing risk.

This role requires strong engineering and operational experiences as essential to ensure that architectures are successfully implemented while factoring in ease of integration, operational overhead, and user experience.

This role reports to the Head of Enterprise CyberSecurity Architecture.

Roles and Responsibilities:

• Develop a security operations architecture and strategy in alignment with overall Citi Cybersecurity Architecture in partnership with CISO Engineering.
• Develop and maintain requirements and standards for capabilities that support security operations, threat detection, intelligence and incident response functions.
• Maintain strong awareness of and support the achievement of CITI’s security operations strategy and future state goals.
• Assess gaps in security operations capabilities, maintaining market and vendor awareness of both trends and advancing capabilities in alignment to the desired architecture.
• Working with CITI’s Cyber Security Lab, identify and support innovation in capabilities necessary to fill critical capability gaps.
• Interface and support Citi’s Security Architecture Council, Steering Committee, and Working Groups building strong rapport across teams.
• Support Citi’s adoption of cloud continuum and holistic digital transformation.

Required Skills and Competencies:

• Bachelor’s degree in relevant subject or equivalent work experience
• 10+ years of relevant cybersecurity and/or IT experience
• Proven SME level knowledge of security operations
• Thorough understanding of industry and corporate technology standards for security operations
• Experience developing cybersecurity and IT architectures
• Software development experience is a plus
• Demonstrated ability to take ownership and work with cross functional teams to manage multiple projects simultaneously under pressure
• Advanced analytical and problem-solving skills
• Consistently demonstrates clear and concise written and oral communication as well as strong presentation skills to both technical and non-technical audiences.

Job Family Group:
Technology

Job Family:
Architecture

Time Type:
Full time

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc.

and its subsidiaries (“Citi”) invite all qualified interested applicants to apply for career opportunities.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .

View the “ EEO is the Law ” poster.

View the EEO is the Law Supplement .

View the EEO Policy Statement .

View the Pay Transparency Posting