Citi

Senior Lead Cloud Security Threat Modeler

Citi

full-time

Posted on:

Location Type: Hybrid

Location: Irving • Texas • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $156,160 - $234,240 per year

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityDockerGoogle Cloud PlatformKubernetesLinuxMongoDBPythonSDLCTerraform

About the role

  • Perform Threat Modeling using a documented process to identify threats and specify mitigating controls for Citi's public cloud environments.
  • Develop automation tools to support threat modeling activities as required.
  • Maintain a high standard of work in identifying threats and specifying mitigating controls and attend to the lifecycle of identified threats and controls.
  • Deliver threat models and supporting tasks within existing timeframes and provide feedback, support, and improvements to the existing threat modeling process.
  • Present work to seniors, the team, and other technical teams; train newer members and supervise junior team members.
  • Run parts of the threat model service and assist in wider threat modeling activities across Citi with little supervision.

Requirements

  • 10+ years of experience in a Cybersecurity or Information Security role.
  • 5+ years of Experience specifically focused on Threat Modeling in Cloud Environments.
  • Expertise in Threat Modeling Methodologies like STRIDE, PASTA, Attack Trees, and the MITRE ATT&CK framework.
  • Experience with threat modeling tools (e.g., IriusRisk, ThreatModeler, Microsoft Threat Modeling Tool).
  • Proven ability to identify and analyze vulnerabilities using CWE or OWASP frameworks.
  • Deep understanding of security principles related to authentication, authorization, logging/monitoring, encryption, infrastructure security, and network segmentation.
  • Mastery of Operating Systems (e.g., Windows, Linux) and their hardening best practices.
  • Strong familiarity with Development Concepts such as CI/CD pipelines, and SDLC.
  • Extensive experience with major Cloud Platforms (e.g., AWS, Azure, GCP), including their security services and best practices.
  • Proficiency in scripting languages (e.g., Python, Bash, PowerShell) or Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation).
  • Proven ability to design, review, and critique technical architectures for security vulnerabilities and risks.
  • Excellent written and verbal communication skills.
  • Strong analytical and problem-solving skills, with meticulous attention to detail.
  • Preferred: Experience with Docker, Kubernetes, Serverless technologies (AWS Lambda, Azure Functions, Google Cloud Functions), Helm.
  • Preferred: Familiarity with Cloud Development Kit (CDK) and GitOps principles.
  • Preferred: Experience supporting or performing Penetration Testing activities and tools.
  • Preferred: Experience with Snowflake, MongoDB, Terraform Cloud, GitHub, or Databricks.
  • Preferred: Experience working in a regulated environment (e.g., financial services).
  • Certifications highly preferred: AWS Certified Solutions Architect – Professional; Google Cloud Certified Professional Cloud Architect; Microsoft Certified: Azure Solutions Architect Expert; AWS Certified Security - Specialty; Google Professional Cloud Security Engineer; Microsoft Certified: Azure Security Engineer Associate; (ISC)² CISSP; ISACA CISM; GIAC certifications.
  • Education: Bachelor’s degree/University degree or equivalent experience; Master’s degree preferred.
Benefits
  • In addition to salary, Citi’s offerings may also include discretionary and formulaic incentive and retention awards.
  • Medical, dental & vision coverage.
  • 401(k).
  • Life, accident, and disability insurance.
  • Wellness programs.
  • Paid time off packages including planned time off (vacation), unplanned time off (sick leave), and paid holidays.
  • Competitive employee benefits (available offerings may vary by jurisdiction, job level, and date of hire).

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Threat ModelingSTRIDEPASTAAttack TreesMITRE ATT&CKCWEOWASPCI/CDInfrastructure as CodeScripting languages
Soft skills
CommunicationAnalytical skillsProblem-solvingAttention to detailTrainingSupervision
Certifications
AWS Certified Solutions Architect – ProfessionalGoogle Cloud Certified Professional Cloud ArchitectMicrosoft Certified: Azure Solutions Architect ExpertAWS Certified Security - SpecialtyGoogle Professional Cloud Security EngineerMicrosoft Certified: Azure Security Engineer Associate(ISC)² CISSPISACA CISMGIAC certifications
Citi

SVP, Cloud Security Architect

Citi
Leadfull-time$141k–$212k / yearFlorida, Texas · 🇺🇸 United States
Posted: 3 hours agoSource: citi.wd5.myworkdayjobs.com
AWSAzureCloudGoogle Cloud Platform
Boeing

Principal Architect – Cloud, Development, Security and Operations

Boeing
Leadfull-time$166k–$240k / yearArizona, California, Montana, Pennsylvania, South Carolina, Texas, Washington · 🇺🇸 United States
Posted: 8 hours agoSource: boeing.wd1.myworkdayjobs.com
AnsibleAWSAzureCloudDockerGoogle Cloud PlatformKubernetes
LyondellBasell

Security Architect, Vulnerability Management

LyondellBasell
Mid · Seniorfull-timeTexas · 🇺🇸 United States
Posted: 1 day agoSource: careers.lyondellbasell.com
Cyber SecurityFirewallsSplunk
Providence

Senior Principal Security Engineer, IS Risk Assessment

Providence
Seniorfull-time$76–$129Alaska, California, Montana, Oregon, Texas, Washington · 🇺🇸 United States
Posted: 2 days agoSource: evac.fa.us2.oraclecloud.com
Cyber Security