5 days old

Payments Application Security Architect Lead (VP)

Citigroup
Jersey City, NJ 07308
Citis Institutional Client Group (ICG) serves clients in all major aspects of finance: Working Capital Management, Execution, Securities Services and Advisory and Capital Raising. Citi delivers a comprehensive set of products and solutions through an unmatched, worldwide proprietary network with a physical presence in 95 markets. Citi offers products and solutions to help you effectively manage payments for cooperation with centralized or decentralized operations. Whether for invoices, payroll and taxes, or settlement of treasury activities, clients gain from our presence in 100 countries and jurisdictions.


The CISO Institutional Client Group (ICG) Technology Information Security Team is responsible for managing application security risks and providing necessary support to Application Development and Technology teams. Citi offers products and solutions to help you effectively manage payments for cooperation with centralized or decentralized operations. Whether for invoices, payroll and taxes, or settlement of treasury activities, clients gain from our presence in 100 countries and jurisdictions. The Application Security Architect role plays a vital role in ensuring that ICG applications are developed in accordance with Citi Information and Cyber Security standards and are protected against cyber threats. The role will be closely working with ICG Technology architects, engineers, and product managers as well as CISO organization.


This Application Security Architect will support ICG business with primary responsibilities to perform payment applications information security risk assessments, provide SME knowledge during software development process and act as trusted advisor to ensure business applications comply with Citi Information Security standards and Regulatory needs.


Join an environment with a laser focus on growth and progress, and take your career to the next level through the power of Citis unmatched globality and vast expertise.


Responsibilities:


+ Perform information security risk assessments including security architecture assessment and threat modelling on payment applications throughout the SDLC/Agile/Iterative lifecycles

+ Perform Information security control assessments for different global regulations, and industry standards such as SWIFT CSP, CHAPS, Fedline, Target 2, etc.

+ Report Information security issues to IT with appropriate recommendations to mitigate and/or remediate the risk as well as assist IT with corrective action plans

+ Provide subject matter expertise in application development lifecycle to assess security requirements and controls and ensure that security controls are implemented as planned

+ Promote awareness of current Citi information security policies and standards

+ Identify opportunities to automate and standardize information security controls and for the supported groups

+ Partner with application and infrastructure owners to ensure any vulnerabilities or issues are resolved per security guidelines

+ Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions

+ Direct the development and delivery of secure solutions by coordinating with business and technical contacts

+ Drive security frameworks, pattern development and implementation for various domains (e.g. authentication and authorization credential management, secret management, application security, security monitoring) for on-prem and cloud.

+ Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency

+ Interface with Internal auditor, Operational Risk Management, and/or provide support during audits

+ Establish and maintain relationships with domain architects, project managers, and others within the technology development unit


Qualifications:


+ 7+ years of Information Security assessment experience in areas of Application Security and IT Information Security

+ Good understanding of Information security control areas such as Authentication/Authorization/Access Control, Entitlement, Cryptography for applications (including web applications, mobile technology, cloud) is are required

+ Good knowledge of software development processes (SLDC/Agile/Iterative/DevOps) and integration of security assessments in SDLC process, application and infrastructure vulnerability management is required is a must required

+ Good understanding of IT Security frameworks such as NIST SP800, ISO 27001 is required

+ Good understanding/experience of global Payment, Clearing and Financial Messaging platforms/concepts including Swift, Fedwire, CHIPS and other local RTGS/ACH is a plus

+ Experience with cloud technology is desirable

+ Understanding and experience with threat modelling is required

+ IS/IT program/project management and development experience is preferred

+ Exhibit strong influencing / negotiation skills, attention to details are key, ability to multi task and written/verbal communication skills

+ Strong problem solving/analytical skills

+ Proficient in MS Office products, particularly PowerPoint & Excel

Education:


+ Bachelors degree/University degree or equivalent experience

+ Masters degree preferred

+ Professional certifications, such as CISSP/CISM/CISA/CSSLP, or willingness to obtain certification within 12 months of start date.

+ This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.


+ Bachelors degree/University degree or equivalent experience

+ Masters degree preferred


-------------------------------------------------


**Job Family Group:**


Technology

-------------------------------------------------


**Job Family:**


Information Security

------------------------------------------------------


**Time Type:**


Full time

------------------------------------------------------


Citi is an equal opportunity and affirmative action employer.


Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.


Citigroup Inc. and its subsidiaries ("Citi) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review **Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm)** .


View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP\_EEO\_Supplement\_Final\_JRF\_QA\_508c.pdf) .


View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo\_aa\_policy.pdf) .


View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp\_%20English\_formattedESQA508c.pdf)


-----------------------------


Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

Categories

Posted: 2022-05-13 Expires: 2022-06-15

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Payments Application Security Architect Lead (VP)

Citigroup
Jersey City, NJ 07308

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast