Full-Time

Cloud Security Engineer

Incident Response, VP, C13

Updated on 12/3/2024

Citigroup

Citigroup

10,001+ employees

Global financial services and banking solutions

Fintech
Social Impact
Financial Services

Compensation Overview

$125.8k - $188.6kAnnually

+ Incentive Awards + Retention Awards

Mid, Senior

Tampa, FL, USA + 1 more

More locations: Irving, TX, USA

Primary location is Irving, Texas.

Category
Cybersecurity
IT Project Management
IT & Security
Required Skills
PowerShell
Kubernetes
Microsoft Azure
Python
SQL
Postgres
Docker
CloudFormation
AWS
Linux/Unix
Google Cloud Platform
Requirements
  • 4+ years' hands-on experience in Cloud Security owning security incident remediation with at least 2 years' experience working in Cyber Incident Response and Investigations in enterprise environments with Cloud and Forensics components
  • Hands-on DevSecOps experience with Cloud environments and underlying storage, compute, monitoring and security-oriented services
  • Hands-on experience with analyzing and pivoting through large data sets of logs
  • Prior experience with common security-focused Cloud services on one or more CSPs, i.e. AWS, GCP, Azure/M365
  • Experience with Container Orchestration services such as AWS EKS and/or GCP GKE along with methods and tools (e.g., Docker, Kubernetes)
  • Linux/UNIX OS specifically in command line (CLI) use and basic file system knowledge
  • Working knowledge of relational database systems and concepts (SQL Server, PostgreSQL, etc.)
  • Proficient in basic scripting and automation of tasks (e.g., PowerShell, Python, CloudFormation, SSM Automation etc.)
  • Strong working knowledge of Networking Protocols and Cloud Infrastructure Designs including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network protocols
  • Must have flexibility to work outside of normal business hours when necessary
  • Bachelor's degree in a technically rigorous domain such as Computer Science, Information Security, Engineering, Digital Forensics, etc.
  • 1 of more of the following Certifications is highly preferred: AWS Certified Solutions Architect - Professional, AWS Certified Security - Specialty, GCP Professional Architect, GCP Professional Cloud Security Engineer, Certified Kubernetes Security Specialist, SC-400 Information Protection and Compliance Administrator Associate, SC-200 Security Operations Analyst Associate, AZ-500 Azure Security Engineer Associate, MS-500 Microsoft 365 Certified: Security Administrator Associate
Responsibilities
  • Lead and support in-depth triage and investigations of urgent cyber incidents and remediation in Cloud
  • Facilitate Cloud focused investigations by analyzing logs relevant to the underlying cloud service provider (CSP)
  • Utilize automation to gather forensic artifacts such as memory, disk, etc. for in-depth analysis and investigations
  • Take ownership of Cloud incidents and drive them to conclusion while documenting investigation analysis objectively capturing the Who, What, When, Where, Why and How as related to the incident
  • Develop, document and maintain operationally effective playbooks to deal with Cloud-based incidents
  • Perform Cloud-native automation to run resource containment actions as relevant to sources of compromise and/or malicious activities in scope
  • Conduct host-based analytical functions (e.g. digital forensics, metadata and data analysis) to uncover Indicators of Compromise (IOCs) and/or Tactics, Techniques and Procedures (TTPs)
  • Clearly and concisely articulate any recommendations that arise from investigative activities and converse confidently with both technical and non-technical stakeholders as needed
  • Own and drive the development of new automation capabilities and supporting playbooks as per assigned domains within Cloud
  • Actively participate in Threat modelling of new services/capabilities, readiness exercises such as purple team, tabletops, CTF’s etc.
  • Stay curious, current and up to date with the evolving landscape of threat activities, cybersecurity best practices, and newer Cloud services/capabilities

Citigroup provides a wide range of financial services, including consumer banking, corporate and investment banking, and wealth management, to clients around the world. Its services include loans, credit products, securities brokerage, and asset management, catering to individual consumers, businesses, and government entities. Citigroup operates in over 160 countries, utilizing its extensive global network and technology to offer efficient financial solutions. Unlike many competitors, Citigroup emphasizes its commitment to sustainability and social responsibility through significant investments in environmental, social, and governance initiatives. The company's goal is to facilitate international trade and investment while managing financial assets and providing liquidity in the global financial system.

Company Stage

Private

Total Funding

$59.8M

Headquarters

Tel Aviv-Yafo, Israel

Founded

N/A

Simplify Jobs

Simplify's Take

What believers are saying

  • Citi's involvement in significant financial deals, such as the $41 million debt facility with Buyerlink, showcases its strong market presence and financial influence.
  • The company's focus on ESG initiatives aligns with growing global trends towards sustainability, potentially attracting more clients and investors.
  • Citi's technological innovations enhance its service delivery, offering employees opportunities to work with cutting-edge financial technologies.

What critics are saying

  • Operating in a highly competitive financial services market, Citi faces constant pressure to innovate and maintain its market share.
  • Global economic fluctuations and regulatory changes can impact Citi's operations and profitability, posing challenges for employees.

What makes Citigroup unique

  • Citi's extensive global network across 160 countries provides unparalleled access to cross-border financial services, setting it apart from regional competitors.
  • The company's commitment to ESG initiatives and technological innovation positions it as a forward-thinking leader in the financial services industry.
  • Citi's diverse range of services, from consumer banking to investment banking and wealth management, allows it to cater to a wide array of clients, unlike more specialized financial institutions.

Help us improve and share your feedback! Did you find this helpful?