Infrastructure Security Analyst, AVP

About Citi:

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do. We keep the bank safe and provide the technical tools our workers need to be successful. We design our digital architecture and ensure our platforms provide a first-class customer experience. Our operations teams manage risk, resources, and program management. We focus on enterprise resiliency and business continuity. We develop, coordinate, and execute strategic operational plans. Essentially, Enterprise Operations & Technology re-engineers client and partner processes to deliver excellence through secure, reliable, and controlled services.

Trust is part of our DNA at Citi. As such, we take safeguarding our customer data very seriously. The Chief Information Security Office (CISO) is made up of deeply dedicated and talented colleagues who work together to ensure the safety of Citi’s and our clients’ assets and information. We manage information security as an end-to-end program – one with a clear mandate and accountability. Our mission is to continually execute and enhance a global security program that is fully anchored to modern control and security frameworks, fully aligned with the technology of the firm, threat-focused and data-driven, and deeply integrated across all Citi businesses globally.

Being talent-driven, we are focused on attracting, developing, and retaining diverse and inclusive talent with a high technical skill level. As a member of our team we will provide you with career development opportunities at all stages of your career. Our employees model a passion for protecting Citi and our clients and believe in treating others with dignity and respect.

As part of a technical group in Chief Information Security Office (CISO) Cyber Security, this position is responsible for supporting the foundation of Cyber Security, specifically with perimeter connectivity and reduction of risk.  The primary task of this role is to help develop and implement governance and compliance for the Network Standards. Focus will include evaluation of business process, identification of key areas for improvement, and documentation of issues. Develop and monitor data quality metrics to ensure deliverables are met. An ideal candidate will have strong technology understanding of current polices and technologies implemented in the network security domain, basic analytical skills providing an evaluation of the current standards, and advanced communication skills.

The Cyber Risk Senior Analyst is a developing professional who stays abreast of developments within own field and contributes to directional strategy by considering their application in own job and the business.  Recognized technical authority for an area within the business.  Requires basic commercial awareness.  There are typically multiple people within the business that provide the same level of subject matter expertise.  Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers.  Significant impact on the area through complex deliverables.  Provides advice and counsel related to the technology or operations of the business.  Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function/job family

Our commitment to diversity includes a workforce that represents the clients we serve globally from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.


  • Establishes and oversees the application of operational cyber risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks. 

  • Participating in the design, development, delivery and maintenance of best-in-class Cyber Risk, programs, policies and practices for Risk.

  • Analyzes comparative data, prepares and presents regional and global reports related to cyber risk assessments, and monitoring of cyber related issues. 

  • Investigates regulatory inquiries, preparing required documentation, making recommendations to senior management on how to proceed, and preparing responses for the regulatory inquiries. 

  • Monitors adherence to Citi’s Cyber Risk Policies and relevant procedures.

  • Delivery of associated CAPs linked to Standards key controls

  • Assist in the implementation of a Governance Framework for ID

  • Assist in ID’s delivery of compliance reporting to Regulators, Audit and Operational Risk Management

  • Oversee standard revisions and updates

  • Drive simplification of edge connectivity processes and procedures

  • Develop the risk mosaic to drive risk-based decisions in an automated fashion

  • Gather requirements, use cases, and metrics to drive outcomes

  • Interacts and works with other areas within Citi, as necessary.

  • Keeps abreast of regulatory changes, new regulations and internal policy changes in order to further identify new key risk areas.

  • Additional duties as assigned.

  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.


  • 5-8 years of experience

  • 2-5 years Data Governance experience

  • Knowledge of Cyber Risk, rules, regulations, risks and typologies.

  • Excellent written and verbal communication skills.

  • Must be a self-starter, flexible, innovative and adaptive.

  • Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization.

  • Work collaboratively with regional and global partners in other functional units; ability to navigate a complex organization.

  • Excellent project management and organizational skills and capability to handle multiple projects at one time.

  • Proficient in MS Office applications (Excel, Word, PowerPoint).  


  • Bachelor’s/University degree or equivalent experience

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

As part of a technical group within Citibank’s Security Connectivity Services, the Infrastructure Security Analyst (Connectivity Risk Assurance and Optimization Analyst) is responsible for supporting the Governance pillar of Infrastructure Defense, specifically with the Governance of the Citi Standards and Processes.  This role will be pivotal for the establishment, development and execution of the Infrastructure Defense Governance and Compliance strategy. The preparation of process improvement models and metric tracking of the progress are key components of the position.

This position will be a key resource for the ID Governance and Compliance team. To succeed, the ideal candidate will need a basic knowledge of Technology and Networks to gather, review and analyze data regarding the Standards and Operation processes within Infrastructure Defense.

Critical Competencies:

  • Excellent Microsoft Excel, Word, Outlook, and Presentation skills

  • Excellent listening, written, and oral communication skills

  • Strong analytical, mathematical, and problem-solving skills

  • Able to exercise independent judgment and determine remediation paths

  • Ability to prioritize and execute task under restrictive timelines

  • Experience working in a team-oriented and collaborative environment

  • Ideal candidate will have data governance experience leading to ensuring that data is compliant with regulations, and trustworthy for decision making.

  • Business Understanding

  • Architecture Modeling

  • Communications

  • Problem Solving


Job Family Group:



Job Family:

Information Security


Time Type:

Full time


Primary Location:

Jacksonville Florida United States


Primary Location Full Time Salary Range:

$87,280.00 - $130,920.00

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit Available offerings may vary by jurisdiction, job level, and date of hire.


Anticipated Posting Close Date:

Jun 12, 2024


Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

Cyber Security Jobs by Category

Cyber Security Salaries