- Full end-to-end security assurance activities in Azure/M365 and Entra ID including Vulnerability Assessments (preproduction, post-production) and Purple Team exercises (Red and Blue team collaboration) to identify areas of risk and ensure any gaps are documented and remediated
- Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in the cloud environment
- Partner with Engineering and Operations teams to create, implement, and apply DevSecOps practices and processes that are consumed by developers across all sectors in Citi
- Create and provide introductory to advanced trainings for CISO partner teams covering the Microsoft Cloud platform's security concepts
- Identify potential gaps created by your licensing choices or un-utilized tooling and address these findings
- Leverage knowledge of threat landscape as well as partnership with intelligence and threat modeling teams to deliver reports analyzing the risk posed by actors and/or TTPs within the context of our tenant and its controls
- Evaluate and recommend new and emerging external products and technologies to implement.
- Threat model, draft, test and deploy detective 365 event-based controls to be consumed by our SOC
- Design and run tabletop exercises testing the responsive capabilities of our operational security teams and deliver findings in a report format after the fact
- Identify new requirements / enhancements to standards, tools, and processes
- Proven proficiency in an Offensive Security-oriented mindset (threat modeling, vulnerability assessments, pen testing, etc.)
- Understanding and ability to deliver monitoring of Microsoft Cloud estate (Graph API, reporting, Azure Monitor, Workbooks, Sentinel)
- Hands-on experience with cloud platforms (Azure/M365) Excellent understanding of cloud security concepts/best practices in various cloud Service Providers (for example: Azure/M365)
- Strong knowledge of Microsoft Cloud's Identity plane, how applications and users are represented, secured and attacked in Entra ID, M365 workload RBACs, as well as Azure RBAC and resource level permissions
- Familiarity with the current threat landscape which Microsoft Cloud exists in
- In depth understanding of recent breaches, APTs and common TTPs used to attack these platforms
- Ability to understand Citi's licensing scheme in Microsoft Cloud by understanding what is and is not included in our current licensing scheme
- Deep understanding of Entra ID: its features, risks, common misconfigurations and how it integrates with M365 and Azure.
- Experience using programming/scripting languages a plus (Python and PowerShell preferred, but not required)
- Demonstrated ability to take ownership and follow up on issues
- Demonstrated ability to work in a team and to work well under pressure
- Advanced analytical and problem-solving skills
- Consistently clear and concise written and verbal communication
- Proficient in interpreting and applying policies, standards, and procedures
- Bachelor's Degree or equivalent working experience
- Candidates must possess or be open to pursuing one or more of the following industry-accredited certifications within the 1st year of employment:
-
SVP, Commodities Finance Lead
1 week ago
Citi New York, United States Full timeThe Commodities Finance Lead is a senior level position responsible for providing management with analysis and insight of Citi's financial results in coordination with the broader Finance team. · Responsibilities: · Drive forward looking processes including forecasts, strategic/ ...
-
SVP, Digital Delivery Lead
1 day ago
Publicis Groupe New York, United StatesCompany Description · About Digitas Health · Digitas Health is the?Agency of Now: the first global connected-health agency, purpose-built for marketing today. Digitas Health specializes in helping health brands navigate a complex and shifting media environment to create deeper, ...
-
SVP, Digital Delivery Lead
1 day ago
Digitas Health New York, United StatesJob Description · Job DescriptionCompany Description · About Digitas Health · Digitas Health is the Agency of Now: the first global connected-health agency, purpose-built for marketing today. Digitas Health specializes in helping health brands navigate a complex and shifting med ...
-
SVP, Client Services Lead
1 day ago
Digitas Health New York, United StatesJob Description · Job DescriptionCompany Description · About Digitas Health · Digitas Health is the Agency of Now: the first global connected-health agency, purpose-built for marketing today. Digitas Health specializes in helping health brands navigate a complex and shifting med ...
-
SVP, Data Integration Sr Lead Analyst
12 hours ago
00002 Citibank, N.A. New York, United States Full timeThe Data Integration Sr Lead Analyst is responsible for overseeing daily activities that support the execution, enablement and adoption of the Data Transformation Plan and/or support of use cases through collaboration with functions, regions and lines of business. This role partn ...
-
SVP, Data Quality Sr Lead Analyst
3 weeks ago
Citi New York, NY, United StatesThe Data Quality Senior Lead Analyst is accountable for the management and execution of continuous Data Quality standards, controls, metrics, and Data Concern Remediation Management. This role oversees firm-wide controls, setting parameters and guidelines for measurement, evaluat ...
-
FP & A Senior Lead Analyst, SVP - New York
2 weeks ago
Citi New York, United States Full timeDescription · Citi's Client organization is focused on strengthening how we deliver for clients across the bank. The Client organization, inclusive of firm-wide Marketing, takes a comprehensive view of our client relationships, ensuring that we deliver one Citi in a consistent a ...
-
Lead Data Engineer, SVP
2 weeks ago
Blackstone New York, United States Full timeBlackstone is the world's largest alternative asset manager. We seek to create positive economic impact and long-term value for our investors, the companies we invest in, and the communities in which we work. We do this by using extraordinary people and flexible capital to help c ...
-
00002 Citibank, N.A. New York, United States Full timeFinance Controls Testing Team Leader: Global Functions, O&T & Expense Management– C14 · The Global Functions Control Testing Utility is responsible for the testing of controls that are designed and executed by the Citi's Global Functions teams such as Finance, HR, Operations, Tec ...
-
FP & A Senior Lead Analyst, SVP - New York
1 week ago
Hispanic Technology Executive Council New York, United StatesDescription · Citi's Client organization is focused on strengthening how we deliver for clients across the bank. The Client organization, inclusive of firm-wide Marketing, takes a comprehensive view of our client relationships, ensuring that we deliver one Citi in a consistent a ...
-
Issue Quality Control Lead, SVP
3 weeks ago
Citigroup Inc New York, United StatesThe Business Risk and Control Sr Officer I is a strategic professional who closely follows latest trends in own field and adapts them for application within own job and the business. Typically, a small number of people within the business that provide the same level of expertise. ...
-
Svp, Enterprise Risk Transformation Lead
2 weeks ago
Citi New York, United States**Job Posting Title** · Enterprise Risk Transformation Lead · **About Citi** · Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. Our core activities are safeguarding assets, lending ...
-
Issue Quality Control Lead, SVP
3 weeks ago
Hispanic Technology Executive Council New York, United StatesThe Business Risk and Control Sr Officer I is a strategic professional who closely follows latest trends in own field and adapts them for application within own job and the business. Typically, a small number of people within the business that provide the same level of expertise. ...
-
Issue Quality Control Lead, SVP
2 weeks ago
Citigroup Inc New York, United StatesThe Business Risk and Control Sr Officer I is a strategic professional who closely follows latest trends in own field and adapts them for application within own job and the business. Typically, a small number of people within the business that provide the same level of expertise. ...
-
Issue Quality Control Lead, SVP
2 weeks ago
Citigroup Inc New York, United StatesThe Business Risk and Control Sr Officer I is a strategic professional who closely follows latest trends in own field and adapts them for application within own job and the business. Typically, a small number of people within the business that provide the same level of expertise. ...
-
Issue Quality Control Lead, Svp
2 weeks ago
Citi New York, United StatesThis role will be part of the Services Central Governance & Controls team organization responsible for driving execution of enterprise and operational risk programs. This role is responsible for ensuring accuracy of the quality of the information captured in ICAPS in line with th ...
-
Re-engineering Process Sr. Lead, SVP
3 weeks ago
Citi New York, NY, United StatesThe Strategic Initiatives organization's role is to partner (Key Enabler) with senior leaders across the Services, Markets, Banking and Functions (SMBF) Technology organization to ensure proper governance over our top Strategic Initiatives and to drive productivity improvements t ...
-
Re-engineering Process Sr. Lead, SVP
3 weeks ago
Citigroup Inc New York, United StatesThe Strategic Initiatives organizations role is to partner (Key Enabler) with senior leaders across the Services, Markets, Banking and Functions (SMBF) Technology organization to ensure proper governance over our top Strategic Initiatives and to drive productivity improvements to ...
-
Re-engineering Process Sr. Lead, SVP
3 weeks ago
Citigroup Inc New York, United StatesThe Strategic Initiatives organization's role is to partner (Key Enabler) with senior leaders across the Services, Markets, Banking and Functions (SMBF) Technology organization to ensure proper governance over our top Strategic Initiatives and to drive productivity improvements t ...
-
Re-engineering Process Sr. Lead, SVP
3 weeks ago
Hispanic Technology Executive Council New York, United StatesThe Strategic Initiatives organizations role is to partner (Key Enabler) with senior leaders across the Services, Markets, Banking and Functions (SMBF) Technology organization to ensure proper governance over our top Strategic Initiatives and to drive productivity improvements to ...
Senior Cloud SecOps Azure/M365 Lead, SVP - New York, NY, United States - Citi
Description
About Citi:Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.
Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We'll enable growth and progress together.
The Role:
The Cloud Security Operations (SecOps) team works in a multi-disciplinary team of teams driving cyber security services and solutions to enable Citi to securely adopt private, hybrid, and public cloud platforms. This role is one of the primary security interfaces with development teams, architects, engineers, and operational teams involved in cloud-related projects. Our operating model emphasizes DevSecOps, that is, automation, integration, and agility based on Security as a Service / Security as Code concepts.
Responsibilities
8-10+ years' experience working in most of the following areas:
Container/Kubernetes certifications: CKA, CKAD, CKS, etc.
Other security certifications: OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, etc.
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Job Family Group:
Technology
Job Family:
Information Security
Time Type:
Full time
Primary Location:
New York New York United States
Primary Location Full Time Salary Range:
$176, $265,080.00
In addition to salary, Citi's offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit Available offerings may vary by jurisdiction, job level, and date of hire.
Anticipated Posting Close Date:
May 22, 2024
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .
Senior Cloud SecOps Azure/M365 Lead, SVP professionals in New York City
-
Jasbir Hanjra
DevOps/ Cloud Architect/ Technical Project Manager
-
Yuri Silver
Talent Acquisition Specialist- Technical Recruiter
-
Arjun Malik
Senior SAP Specialist
-
Nasine Dam
Executive IT leader