Cybersecurity Architect

About Citi:
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We'll enable growth and progress together.

About Our Team:

The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program - one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.

The Cybersecurity Architect is responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

• Plan, research, and design security architecture for IT systems and applications (internally developed as well as vendor supplied) for processing multiple classification levels of data on prem, and cloud.
• Determine the security controls for above, document appropriately and partner with IT architecture/development stakeholders to implement during early in system development life cycle
• Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals.
• Provide security recommendations including automated controls, configurations on projects, processes, risk exceptions, corrective action plans, and risk reduction initiatives
• Collaborate with the internal and external technology teams to drive the development of strategies and plans for improving both architecture and application security
• Establish relationships with cross-functional areas including Business, Technology, and Compliance stakeholders and serve as a SECURITY subject-matter expert
• Promote awareness and provide consistent interpretation of security policy to technology and business teams
• Manage risk by analyzing the root cause of security issues, determining compensating controls, and driving remediation
• Support Global Information Security policies, standards, and initiatives development and implementation by representing in different Citi action groups such as Delegated Action Groups (DAG).

Qualifications:

• 10+ years of experience as a Security Architect or Application Architect with Security knowledge
• Good understanding of IT Security frameworks such as NIST SP-800, ISO 27001 (required)
• Good knowledge of Software Development processes (SLDC/Agile/Iterative/DevOps)
• Good understanding of Industry attestations like SWIFT CSP, target 2, CHAPs will be a plus
• Experience with Threat Modeling methodologies (e.g., STRIDE, DREAD) and performing threat assessments on applications.
• Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls
• Experience performing Security Architecture Assessments for one or more IT systems such as Web, Mobile, APIs/Microservices, Cloud (AWS/Google Cloud Platform/Azure/Oracle)
• Strong knowledge of iOS & Android Ecosystem with emphasis on security for mobile applications related to authentication/authorization (biometric emphasis), data protection, session management, data validation, and end point protections
• Strong understanding of Mobile Payment Systemsand supporting ecosystems (i.e. Mastercard / Visa).
• Hands on experience with security controls to defend against mobile attack surface related to end point devices, network APIs/Micro services, and network
• Good understanding of mobile security trends and threats/vulnerabilities and corresponding risk analysis processes and threat modelling techniques
• Must be proficient in applying application security knowledge to improving security in software development phases such as requirements, test cases, assessment, remediation
• Demonstrated ability to take ownership and follow up on issues
• Demonstrated ability to work in a team and to work well under pressure
• Advanced analytical and problem solving skills
• Consistently demonstrates clear and concise written and verbal communication
• Proficient in interpreting and applying policies, standards and procedures
• Demonstrated ability to remain unbiased in a diverse working environment

Education:

Bachelor's degree/University degree or equivalent experience

Master's degree preferred

Job Family Group:
Technology

Job Family:
Information Security

Time Type:
Full time

Primary Location:
Telecommuter Louisiana United States

Primary Location Full Time Salary Range:
$141,440.00 - $212,160.00

In addition to salary, Citi's offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

Most Relevant Skills
Please see the requirements listed above.

Other Relevant Skills
For complementary skills, please see above and/or contact the recruiter.

Anticipated Posting Close Date:
Oct 01, 2025

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi's EEO Policy Statement and the Know Your Rights poster.