Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Sr. Application Security Architect (SASA) - VP with Citi

R

Rapid Interviews

Sr. Application Security Architect (SASA) - VP with Citi

Tampa, FL
Paid
Similar Jobs
  • Responsibilities

    To get more informatin on this positions or to apply directly, you can visit the following link:https://rapidinterviews.com/job/sr-application-security-architect-sasa-vp-with-citi/The position listed below is not with Rapid Interviews but with Citi

    Rapid Interviews is a private organization that works in collaboration with government agencies to promote emerging careers. Our goal is to connect you with supportive resources to supplement your skills in order to attain your dream career. Rapid Interviews has also partnered with industry leading consultants & training providers that can assist during your career transition. We look forward to helping you reach your career goals! If you any questions please visit our contact page to connect with us directly

    <ul><li><strong>Primary Location:</strong>United States,Florida,Tampa </li><li><strong>Other Location:</strong>United States,Texas,Irving; United States,Delaware,New Castle </li><li><strong>Education:</strong>Bachelor's Degree </li><li><strong>Job Function:</strong>Technology </li><li><strong>Schedule:</strong>Full-time </li><li><strong>Shift:</strong>Day Job </li><li><strong>Employee Status:</strong>Regular </li><li><strong>Travel Time:</strong>No </li><li><strong>Job ID:</strong>17040933 Description<br /><br /><strong>About Citi</strong><br /><br />Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.<br /><br />Citis Mission and Value Propositionexplains what we do and Citi Leadership Standardsexplain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients and the publics trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.<br /><br />Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.<br /><br /><strong>Job Description</strong><br /><br />A Senior Application Security Architect (SASA) is required to assess and manage technology risks and provide compliance guidance per Citi IS and application security standards and provide support to Technology Development Units in their development Lifecycle.<br /><br />The ICG Technology Information Security Team is responsible for managing IS risk and providing controls and compliance guidance and support to Technology Development Units by ensuring compliance with Citi IS standards, policies, and procedures, liaising with corporate IS and driving secure SDLC initiative for ICG sector. The team needs to expand its capability to ensure security requirements are assessed early in the development lifecycle and architecture/design of the application incorporates required security measures.<br /><br />The SASA will have strong technical acumen and should establish relationships with application managers, domain architects, project managers and corporate IS and other disciplines.<br /><br />You will join an elite team of some of the smartest minds in the business that have been tasked with performing threat modeling exercises and proposing technical controls for our top most critical applications to ensure that they are highly resilient from Internet-borne threats.<br /><br />You will work on some of the most cutting edge technologies and provide value by solving real world problems that our industry as a whole is facing. Your key stakeholders will be application development teams, our internal vulnerability assessment teams and the IS organization as a whole.<br /><br /><strong>Risk Management Responsibilities</strong><br /><br />Key responsibilities for this role will be:<ul><li>Engage in the initial requirements definition (including analysis of threats and risks and alignment with Citi IS and Architecture standards) </li><li>Conduct threat modeling and architecture risk analysis, including Secure SDLC testing requirements throughout the development lifecycle </li><li>Facilitate"table-top"/red-team/scenario analysis exercises in conjunction with other SME'sPlan the resolution of any identified vulnerabilities/issues </li><li>Security review of applications including responsibility for driving requirements definition and risk analysis </li><li>Facilitate and support threat/architecture reviews and scenario analysis/red team/tabletop exercises </li><li>Identify enhancements to IS tools, standards, and processes </li><li>Provide SME support to projects and programs <strong>Qualifications</strong><br /><strong>Qualifications: <br /></strong><ul><li>Bachelors Degree or equivalent work experience </li><li>As senior application security architect you will review our most critical applications and their technology stack from top to bottom. Therefore, we require in depth subject matter expert knowledge of application security, with thorough understanding of infrastructure and network security. </li><li>Ideally candidate who has worked for a similar organization, with extensive experience as application security consultant / penetration tester / security architect. </li><li>Must have SME level knowledge of web application vulnerabilities and web application business logic flaws and threats </li><li>In depth, hands-on understanding and application architectures and technology (including web applications, mobile technology, identity and access management) </li><li>Demonstrable experience with mobile application security, HTML5, Web Services assessment, identity management will be highly regarded. </li><li>Thorough understanding of industry and corporate technology standards for Information and Application Security </li><li>Detailed familiarity with code reviews and security hacking tools and techniques. <strong>Skills: <br /></strong><ul><li>Experience in research and development </li><li>Strong knowledge of software development/deployment methodologies in web/mobile based environments. </li><li>Strong knowledge of software security for web and mobile applications </li><li>Background with mobile hardware and software technologies </li><li>Strong understanding of information security and risk analysis processes, including threat modeling. <br /> Associated topics: active ts clearance, army national guard, battle management, c2bmc, cavalry scout, electronics surveillance, geospatial intelligence, missile defense, sme, top secret with sci

    PM17</li></ul></li></ul></li></ul></li></ul>