The VP – Cybersecurity Infrastructure Engineer – Authentication Platforms role will be responsible for the support of multiple critical security infrastructures / applications including but not limited to Token technologies, End-to-end encryption Solutions, Identity and Access management tools and Automation infrastructures to name a few.

Ideal candidate should be able to work in a well-defined team structure as well as independently with minimal supervision. Candidate should have a good command of English and possess strong oral and written business communication skills. Candidate should be a fast-learner and should be able to collaborate with partners well under pressure and competing priorities.

Key Responsibilities

• Delivery of strategic and Transformational IAM(Identity Access Management) capabilities in partnership with engineering, architecture and operations

• Procure and build infrastructure for on-prem/cloud implementation, meet Standard Base Line configuration requirements.

• Configure and build hybrid and cloud capabilities ensuring compliance requirements are met.

• Product upgrades including remediation of EOVS in all environments (core products)

• Work with Technology teams to deliver Infra build and COB automation.

• Deliver Mobile Apps in iOS and Android stores - meeting legal, T&C, ICRM requirements

• Delivery of Client migrations to strategic solutions in all environments.

• Work with the Engineering & Application Owners to deliver measurable improvements.

• Point of contact for Vendors, Operations and Engineering on new build & integration efforts.

• Ownership of controls issues related to new builds, onboarding & integration of solutions.

• Deliver new monitoring and analytics solutions for Ops, SOC, Fraud and business stakeholders.

• Support Audit deliverable reviews and walk-throughs when necessary, with Ops & Engineering

• Evaluate capacity reports generated by production support and plan capacity expansion as required

• Deliver net new client integration in all environments and document for ops support

• Engage with strategic vendors, external to the organization, to investigate problems and understand product functionality, influence enhancements and roadmap as required to meet organizational goals Document resolutions in Knowledge Base tools

• Occasional weekend work and working on shifts is required on need basis.

Experience and Skills

Must-have Skills

• 10+ years’ relevant industry experience in one or more of the following:

• Experience with one or more below:

• Deploying Java-based/Node.JS-based Distributed Application environments.

• Sailpoint Automation

• Identity Access Management on Public Cloud such as AWS, GCP, Azure.

• Should have managed one or more Enterprise Authentication products.

• Onboarding new applications to OpenShift Container service environment.

• Network concepts and understanding of CISCO networking devices.

• Experience with Enterprise application servers such as IBM WebSphere, Apache Tomcat/HTTP Server, as well as Production network infrastructure such as Firewalls, DNS, Software/Hardware Load balancers, Proxies.

• Experience working in a Linux-based environment (RHEL, Ubuntu) that includes being conversant in terminal commands and developing shell or Perl scripts.

• Experience with critical production server support, application upgrades and project lifecycle/ SDLC processes

Desired Skills

• Experience in Installing and managing APPs on UNIX/Linux OS.

• Deep understanding of Encryption protocols used in Transport-Layer Encryption, Data Transmission and At-Rest Encryption and Key Exchange protocols

• Experience in Multi-factor authentication and Biometric deployments is a significant plus

• Analyzing Authentication application metrics and deep knowledge on how to onboard legacy application to Cloud container platform services.

• Experience in Ansible playbook creation for automation, Splunk Dashboard setup, RLM or Udeploy tool.

• Familiarity with Analytical tools like Splunk, AppDynamics etc.

• Experience in Cloud technologies like OpenShift, Terraform, CI/CD Pipeline, deep understanding of micro services.

• Familiarity with IT Service Management processes based on the ITIL framework

• Familiarity of Compliance and Risk-management frameworks and methodologies (ISO27002, SDLC)

Education

• Bachelor's Degree (Engineering, Mathematics, or IT related field) or equivalent work experience

• Security certifications such as CISSP is desired but not mandatory. However, willingness to complete certification would be expected.

Job Family Group:

Technology

Job Family:

Information Security

Time Type:

Full time

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .

View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo_aa_policy.pdf) .

View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

Citi is an equal opportunity and affirmative action employer.

Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.