Head of Cyber Architecture - Functions and Technology

$170000 - $300000 Year

Monday to Friday

Day shift

Health insurance
Paid time off
Employee discount
Dental insurance
Vision insurance
401(k)
401(k) matching
Flexible schedule
Parental Leave
Tuition reimbursement
Flexible spending account
Retirement plan
Others

About Our Team

The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.

Global Functions Technology is an important enabler of Citi's strategy, supporting the needs of Finance, Risk, Compliance, HR, and other regulatory requirements. It's mission is to deliver world-class technology solutions for Citi's Global Functions using common data, analytics, and platforms.

Citi's Technology Infrastructure services cover 14 functions from End user services, Compute/Network/Storage/Data, Public/Private Cloud, Data Center hosting, Mainframe and Host systems to production operations.

As the Head of Cyber Architecture for Functions and Technology, you will be part of Business, Functions and Technology CISO leadership. You will lead and manage security architecture for strategic and transformational technology initiatives/programs. You will collaborate across business, technology, CISO, and other partners to support these initiatives and help maintain cyber risk within Citi's cyber risk appetite. You will lead and mentor a team of cyber security professionals to deliver a service that represents operational excellence. You will be CISO ambassador and will promote security in IT architecture and engineering functions.

Job Overview:

Key responsibilities include

Lead and mature security architecture function/practice that enables business and technology transformation for Global functions and technology
Maintain thought leadership in areas of Cloud, Web/Mobile Applications, Enterprise Technology (Compute, Network, Storage, Data, Collaboration, Cyber Security Tooling, etc.)
Engage early in the technology and software development life cycle. Embed security best practices such as security requirements, threat modelling, secure code review, automated security controls.
Mature cyber architecture practices (e.g. security blueprints, architecture assessments, automated validations) to accelerate security assurance activities
As required, perform security architecture assessments and deep dive into security controls.
Perform root cause analysis on repeat issues, provide short/long term recommendations and drive system risk reduction.
Act as primary interface with senior leadership in business, technology, CISO and other partners to effectively manage security objectives for large complex initiatives/programs
Actively mitigates delivery risks and resolve critical issues.
Mediates stakeholder conflicts and overcome organizational roadblocks.
Participates in creating effective and efficient processes and governance
Works with program teams to agree on key milestones / deliverables and quantitative progress metrics where applicable.
Actively mitigates delivery risks and resolve critical issues.
Lead, mentor and develop a team of cybersecurity architects/engineers/information security analysts to promote excellence, diversity, inclusion, and manage delivery with commitment to ethical standards.
Be security advocate to enable software development and technology teams to practice security architecture in their day to day activities
Promote security culture in business and technology partners enabling secure product delivery for clients. Keep oneself appraised of emerging technology and changing threat landscape. Advise business and technology stakeholders on the appropriate course of action, promoting security as an enabler for business innovation and digitization.
Build internal and external networks to ensure alignment with industry best practices, and to maintain current knowledge regarding cybersecurity threats and risks.
Qualifications include:

15+ years of IT experience
10+ years of experience leading security architecture and/or security engineering functions for an enterprise scale regulated environment
Knowledge of security architecture frameworks like SABSA, O-ESASABSA, O-ESA and OSA
Sound technical expertise and hands on experience in technology and security in one or more areas such as Public/Private Cloud security (AWS, Azure, Google, Oracle, IBM), Web/Mobile Applications, DevSecOps/CICD, IAM, Application
Experience in designing, deployment, and adoption of complex enterprise scale IT and security solutions
Strong track record of successful transformation of security practices and/or operations
Software development experience in one or more programming languages such Java, Python, C/C+
Experience in leading a team of cyber architects/engineers and proven track record delivering robust security solutions for both clients and internal workforce
Strong interpersonal and communication skills with the ability to simplify complex information security topics and influence at all levels of the organization
Demonstrated knowledge of information security standards, rules and regulations.
Ability to understand not only emerging industry trends as far as cyber security is concerned, but also the landscape of emerging threats, making appropriate adjustments within the program.
Strong leadership, strategic thinking, and large-scale planning abilities.
Excellent problems solving abilities and analytical skills; proven ability to effectively drive global teams to meet challenging deadlines solving complex problems.
Ability to organize, prioritize, and lead multiple deliverables simultaneously across a large highly matrixed, global corporate environment.
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Education:

University degree (Master’s degree preferred) or equivalent experience in IT
Professional certifications, such as CISSP/CISM/CISA/CSSLP, or relevant security certifications from AWS/Google/Azure/SANS
-------------------------------------------------

Job Family Group:

Technology
-------------------------------------------------

Job Family:

Architecture
------------------------------------------------------

Time Type:

Full time
------------------------------------------------------

Primary Location:

Rutherford New Jersey United States
------------------------------------------------------

Primary Location Salary Range:

$170,000.00 - $300,000.00
------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

Communication
Leadership
Teamwork
Interpersonal
Learning/adaptability
Self-management
Organizational
Computer
Problem solving
Open mindedness
Strong work ethic
technology
Others

10+ years of experience
15+ years of IT experience

Technology

On going position

Hybrid Remote