SAST Senior Information Security Engineer, VP
Citi is a leading global bank for institutions with cross-border needs, a global provider in wealth management and a U.S. personal bank.
Citi has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. Our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company, ensuring our technology solutions keep the bank safe, manage global resources, and provide the technical tools our workers need to be successful.
About Our Team:
The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients, revenue, employees, and proprietary data. Our mission is a program that is fully anchored to modern control and architectural frameworks, aligned with the enterprise architecture of the firm and integrated into the sectors and functions.
The Senior Information Security Engineer is a senior-level professional responsible for handling the backend Static Application Security Testing (SAST) scanner tool, monitoring and preventing performance issues with the scanner tool and backend database. The overall objective is to ensure the SAST analysts can triage without any issues.
Responsibilities:
- Handle, support, and change configurations in the backend security scanner tool.
- Understand OWASP Top 10 SAST findings.
- Identify opportunities to engineer, automate, and standardize day-to-day operations.
- Analyze and provide solutions for backend performance.
- Automate backend processes.
- Reduce risk by analyzing root causes of issues, their impact, and required corrective actions.
- Direct the development and delivery of secure solutions by coordinating with business and technical contacts.
- Assess risk when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Citigroup, its clients, and assets.
Qualifications:
- 6+ years of relevant experience.
- 2+ years of experience with SAST scanner tools (Checkmarx preferred).
- Advanced proficiency in backend/SQL handling for SQL Server/IBM COGNOS.
- Advanced proficiency in scripting languages.
- Advanced proficiency with Microsoft Office tools, with reporting/analytics skills being a plus.
- Exposure to SCA tools (preferred: Blackduck, Synk) and DAST tools (Burp Suite/AppScan, etc.) is a plus.
- Consistently demonstrates clear and concise written and verbal communication.
- Proven influencing and relationship management skills.
- Proven analytical skills.
Education:
- Bachelor’s degree/University degree or equivalent experience.
- Master’s degree preferred.
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Job Family Group: Technology
Job Family: Information Security
Time Type: Full time
Primary Location: Irving, Texas, United States
Primary Location Full Time Salary Range: $125,760.00 - $188,640.00
In addition to salary, Citi’s offerings may also include discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs.
Anticipated Posting Close Date: Oct 30, 2024
Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#J-18808-Ljbffr