The Chief Information Security Office (CISO) is home to deeply talented colleagues who work to ensure the safety of Citi's clients' and our proprietary data. We manage information security as one end-to-end program - one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm, and is deeply integrated into the sectors and functions.
A strong enterprise cybersecurity organization is necessary to enable Citi businesses to operate safely. The Enterprise Security Architecture's Cryptography Center of Excellence (CSCoE) organization is responsible for implementing robust enterprise data security controls to ensure Citi is reducing the risk to all threat surfaces with the right cryptography controls, key management, and continuously progressing towards a target state. A key element of this practice is the development and implementation of security controls for Distributed Ledger Technologies (DLTs).
This role will entail developing and operationalizing DLT and cryptocurrency platform security controls to protect Citi's data and our use of these technologies. It will be focused against a wide range of Citi and vendor DLT technologies, smart contract systems, and cryptocurrency frameworks. The desired controls will encompass market-leading product capabilities and bespoke solutions covering use of cryptography within DLTs, HSMs, wallets, and key management. This role will maintain a strong understanding of DLT security tools, threat models, protection frameworks and methods to disrupt misuse and loss of data. The successful candidate will be adept at creating secure DLT platforms and design patterns. Strong engineering experience is essential to ensure that systems can be successfully implemented while factoring in ease of integration, operational overhead, and user experience. This role reports to the Data Protection Senior Security Architect.
The Cyber DLT Engineer will act as a lead engineer for a small and focused cyber DLT support function within the CISO organization. They will ensure all engineering plans and outcomes of the support function are always approved by the Lead DLT Architect of CSCoE. They will work closely with business, technology, and operational partners.
Roles and Responsibilities:
Required Skills and Competencies:
- This role will help provide engineering expertise for a range of DLT digital asset custody use cases and will help apply cryptography principles, encryption for securing digital assets during design, and engineering on behalf of custody operations.
- This role will maintain a current understanding of data security principles, encryption algorithms, key management principles and HSMs, as well as cloud key management aspects.
- The successful candidate will be adept at helping create new data security engineering and security architecture patterns for the global digital asset custody business and operations.
- The candidate will have a firm understanding of industry best practices, available tooling, and will work with our Cyber Innovation Center to identify emerging technologies.
- They will have the skills to create low level technical documentation such as Technical Design Documents, Interface Control Documents and detailed test plans using Citi approved tools such as MS Visio, MS PowerPoint, MS Excel, and MS Word, Bitbucket and Confluence.
- The candidate will have excellent technical skills to transform DLT architectural designs into reference implementations on different platforms and different software languages.
- Knowledge and experience with data security principles, DLT, application security frameworks and security compliance frameworks such as OWASP Top 10 & ASVS and MITRE ATT&CK framework.
- Subject Matter Expertise (SME) with management of digital assets, key management principles and a good understanding of asymmetric keys, wallets and HSMs.
- Software engineering skills in languages such as Go, Java, or Python, including performing security code reviews.
- Secure software development lifecycle, CI/CD, DevOps etc. with experience in static and dynamic application security testing (SAST & DAST), container security and best practices.
- Experience using scripting languages for task automation and vulnerability management tools for reporting and operations.
- Knowledge of cyber security principles around identity management, authentication, authorization and access controls and experience performing security code/architecture reviews.
- Understanding of network security principles (DNS, SSL/TLS etc.), microservice architecture, secrets management and app store security.
- Competent Linux administrator with Docker, Kubernetes, and container security experience.
- Bachelor's degree in computer science or related field.
- CISSP certification.
- Master's degree in computer science or related field.
- Experience with secure multi-party computation (MPC), threshold signature schemes (TSS), smart contracts and BIP standards for key management and wallets.
- Prior experience working in a high security and/or highly regulated industry or DLT/blockchain industry.
- Knowledge of integration and messaging patterns.
- Expertise in JIRA, Confluence and Bitbucket.
- Strong analytical skills and ability to quickly adapt to Citi culture, processes and technology with minimum hand holding.
Job Family Group: Technology
Job Family: Information Security
Time Type: Full time
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, review Accessibility at Citi.