Senior Application Security Architect (SASA) - SVP Citi
Irving, TX

Job Description

* Primary Location: United States,Texas,Irving
* Education: Bachelor's Degree
* Job Function: Technology
* Schedule: Full-time
* Shift: Day Job
* Employee Status: Regular
* Travel Time: Yes, 10 % of the Time
* Job ID: 19025275

Description

About Citi

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.

Citi's Mission and Value Propositionexplains what we do and Citi Leadership Standardsexplain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients' and the public's trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.

Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop are widely available to all.

Description:

Do you want to be part of an exciting work environment, architecting secure applications that give businesses a competitive edge?

Are you passionate about establishing security capabilities to defend against the current and emerging threat landscape?

We are looking for a Digital Security Architect (DSA) to support our customer facing high risk web applications.

The DSA will primarily be responsible for defining, designing and validating the security controls are capabilities are built into the applications.

The DSA:

* Should be a highly technical security practitioner with working knowledge of delivering secure application architecture and design.
* Will be responsible for understanding the current and emerging threat landscape, and capabilities required to defend them.
* Should have practical knowledge of building application using monolithic, micro services and Restful APIs.
* Will evangelize security throughout the enterprise and drive changes needed to respond to emerging threats and business needs.
* Will work across development, fraud, business and architecture teams.

Qualifications

Qualifications:

* 10+ years of demonstrated information security, compliance and risk management experience


* BS degree in Computer Science (or related Information Technology field)


* Security certification - CISSP, CISM (preferred)


* Strong knowledge of software security for web and mobile applications


* Hands on experience with security controls to defend against attacks such as brute force, Cross Site Scripting, SQL Injection, and Automated [Bot] attacks


* Solid understanding of Authentication solutions (Design to Implementation) such as Oauth 2.0, OpenID Connect 1.0, FIDO, Biometrics, etc.


* In depth knowledge of data protection techniques such as encryption, tokenization, and hashing


* In depth knowledge of APIs and other web services as well as the security risks associated with them


* Understanding of Java based applications, and experience in writing test / abuse cases


* Strong knowledge of System Development Life Cycle's (SDLC) such as Waterfall, Agile, RAD


* Strong understanding of information security and risk analysis processes and threat modeling


* Understanding of cloud computing models and commodity data center infrastructure design concepts a plus


* Self-motivated with the ability to work independently and as a team member with minimal direction


* Strong communication (both writing and verbal) and critical thinking skills



Apply Now