at Citibank, N.A. in New Castle, Delaware, United States
Citibank, N.A. seeks an Information Security Technical Lead Analyst for its New Castle, Delaware location.
Duties: Build and configure the Infrastructure required to host Data Protection & Cryptography Infrastructure within Cyber Security Services. Develop and configure information security infrastructure using public key infrastructure of various types including SafeNet Luna, nShield, ProtectServer, Unbound Virtual, Tokenization and Encryption Hardware Security Modules (HSMs). Design databases using MongoDB, Oracle, Apache Cassandra, MS SQL, MySQL and PostgreSQL. Work with various stakeholders to create technology infrastructure design and procure the required hardware and software, including: servers, security appliances, databases, firewall rules, and load balancers. Deploy and configure the applications across various Development, User Acceptance Testing (“UAT”), Production, and Continuity of Business (“COB”) environments. Perform complete security assessments, identify and remediate vulnerabilities, and run business tests and application go live for end users. Provide Level 3 integration support for franchise critical security infrastructure. Collect application and information security requirements for internal and external applications and provide appropriate security solutions. Responsible for onboarding the application into security infrastructure and providing testing support for lower environments before migration into the production environment. Analyze requirements and recommend unique and scalable solutions per architecture and technology requirements for each client application. Responsible for building and onboarding applications with various HSMs. Analyze the business security requirements per Federal Information Processing Standards and integrate them with the appropriate HSM models. Procure the required HSM from vendors in order to securely configure it across global data centers. Work with various business units to provide technical guidance and support based on the application’s programming language and technical architecture. On-board the applications into HSMs and establish secured connectivity for crypto processing and key protection. Review computer system capabilities and workflow, and perform continuity tests. Perform periodic assessments of system capabilities against defined industry and Citi technology standards to ensure software and hardware update requirements keep up with changing market and security standards. Design, document, and maintain the business continuity plan for all the supported Global application infrastructures. Perform annual tests to ensure the continuity of business from alternate locations in case the primary data center becomes unavailable. Support initiatives to develop and improve scripts for system monitoring, system maintenance, and infrastructure security assessments. Access the security infrastructure to understand requirements for new automations or improvements to existing models and document, initiate, and manage projects accordingly. Develop, test, and deploy the programs and tools to automate: security assessments and infrastructure; configuration assurance; security reporting, reconciliation, and performance; capacity monitoring and forecasting; software simulations; system maintenance; and General Data Protection Regulation (“GDPR”) compliance requirements.
Requirements: Requires a Bachelor’s degree, or foreign equivalent, in Computer Science, Engineering (any) or related field and 5 years of progressive, post-baccalaureate experience as a Systems Analyst, Systems Software Engineer, Systems Administrator, or related position involving information security solutions for software applications. 5 years of experience must include: Cisco Hardware Security Modules, UCS Security Hardware, ProtectServer, & Qualys Scan tool; Design network connectivity and load balancing for software applications; MongoDB, Oracle, Apache Cassandra, MS SQL, MySQL & PostgreSQL; RedHat, Linux, Solaris, & Wintel Servers operating systems; Onboarding information security infrastructure and provide testing support during production; and Analyzing business security requirements per Federal Information Processing Standard (140-2) and integrate Hardware Security Module models. Qualified applicants submit resumes referencing job code JC/ISTLA/SG to Citigroup Recruiting Dept., 3800 Citigroup Center Drive, Tampa, FL 33610. Citigroup is an EOE Employer. Direct applicants only.