Cyber Distributed Ledger Technologies Engineer – VP (Hybrid)
The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients' and our proprietary data. We manage information security as one end
The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi’s clients’ and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.
A strong enterprise cybersecurity organization is necessary to enable Citi businesses to operate safely. The Enterprise Security Architecture’s Cryptography Center of Excellence (CSCoE) organization is responsible for implementing robust enterprise data security controls to ensure Citi is reducing the risk to all threat surfaces with the right cryptography controls, key management, and continuously progressing towards a target state. A key element of this practice is the development and implementation of security controls for Distributed Ledger Technologies (DLTs).
This role will entail thought leadership, analysing and supporting Data Protection and secure architecture initiatives of Data Protection architecture team. This will cover technical documentation, analysis, liaisons to be a catalyst of secure implementations of DLT, its cryptography, its certificate management and its platform security controls to protect Citi’s data and our use of these technologies. The desired controls will encompass research (internal and external), building technical documentations of baseline and target states covering market leading product capabilities and bespoke solutions covering use of cryptography within DLTs, HSMs, wallets, and key management. The successful candidate will be adept at supporting the development of secure DLT platforms and analysing designs for gaps aligning with Citi Policies. Strong systems engineering experience is essential to ensure that systems can be successfully implemented while factoring in ease of integration, operational overhead, and user experience.
The Cyber DLT Analyst will act as a support for a small and focused cyber DLT function within the CISO organization. They will work with DLT initiatives to ensure all design plans and controls of the DLT systems are always approved by the CISO Lead DLT Architect. They will work closely with business, technology, and operational partners.
Roles and Responsibilities (technical):
- This is an individual contributor role.
- The candidate will demonstrate the ability to get onboarded to Citi technical tools and platforms quickly.
- Once onboarded, the candidate, in their Individual Contributor role, will demonstrate the ability to work with minimal handholding.
- The candidate will create low–level technical analysis documentation for any technical analysis and liaisons they perform in relation to an assigned task/ work to be a catalyst of secure implementations of DLT, its cryptography, its certificate management and its platform security controls to protect Citi’s data and our use of these technologies.
- The candidate will create research documentation to uplift Citi current implementation use cases- systematically identify gaps and offer alternative technical approaches via clear low-level documentation to bridge the gaps.
- The candidate will create low level technical proof of concepts, technical documentation in confluence and Jira, based on assumptions and hypothesis, a firm understanding of industry best practices and co-relate with Citi’s current DLT architectures and implementations for a well-rounded security reference and recommendation.
- In their technical catalyst role, they will demonstrate the skills to create low level technical documentation such as Technical Design Documents, Interface Control Documents and detailed test plans using MS Visio/draw.io, MS PowerPoint, MS Excel, and MS Word, Jira, Bitbucket, SharePoint and Confluence.
Required Skills and Competencies:
- Knowledge and experience with data security principles, DLT, application security frameworks and security compliance frameworks such as OWASP Top 10 & ASVS and MITRE ATT&CK framework.
- Subject Matter Expertise (SME) with management of digital assets, key management principles and a good understanding of asymmetric keys, wallets and HSMs.
- Knowledge of cyber security principals around identity management, authentication, authorization and access controls and experience performing security code/ architecture reviews.
- Understanding of network security principles (DNS, SSL/TLS etc.), microservice architecture, secrets management and app store security.
- Competent Linux administrator with Docker, Kubernetes, and container security experience.
- Bachelors’ degree in computer science or related field.
- Experience with secure multi party computation (MPC), threshold signature schemes (TSS), smart contracts and BIP standards for key management and wallets.
- Prior experience working in a high security and/or highly regulated industry or DLT/ blockchain industry.
- Knowledge of integration and messaging patterns.
Job Family Group:
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries (“Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the “EEO is the Law” poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting