IS Tech Sr. Analyst-19036912

Description

Who are we?

Citi Technology Infrastructure (CTI) provides the products and services that enable Citi's workforce along with the majority of the financial solutions that Citi's customers rely on. We provide the critical technical foundation for Citi's operations through the infrastructure that runs business and general user computing services. We do this by working as one-team to deliver high quality reliable and modern infrastructure technologies at the right cost. We drive to optimize the functionality and capability of the infrastructure technologies.

The Key Management Centre (KMC) is supporting cryptographic key management and Cryptographic Devices for all businesses running applications in the global CTI Data Centers. The KMC team provides Subject Matter Expert support and guidance on cryptographic technology for all Business as well as providing On-Behalf Key Management Support for all cryptographic key owners. :

• Manages cryptographic devices and keys according the Citi standards or business requirement and overall hardware protected encryption system security requirements.
• Provide expertise on cryptographic hardware and keys
• Provide procedures and guidelines for the operation of cryptographic environments
• Anticipates potential delays and refers the need for corrective action to the team leader.
• Refers upward requirements and recommendations to upgrade the technical environment where it will otherwise be inadequate.
• Decides how to effectively resolve production problems.
• Identifies risks and in-compliances and decides how to ensure business awareness and/or escalation.

Key Responsibilities:

• Deliver and support Key Management and overall cryptographic security in close conjunction with businesses application development system engineering departments and 3rd party contacts all over the world.
• Implement and maintain the Key Management hard and software.
• Key Custodian for businesses and 3rd party trust centres.
• Responsible for secure implementation and handling of cryptographic devices and cryptographic device administration tasks.
• Responsible for secure implementation and handling of cryptographic keys within hardware protected cryptographic encryption systems.
• Compliance with internal / external regulatory.
• Security risks are documented and escalated
• Completes assigned tasks to schedule and agreed quality.
• Effectively communicates and works with other engineering development groups and businesses.
• Participates in the production of design specifications as well as operational documentation.
• Provides technical guidance and direction in Cryptographic Key and Hardware Security Module management within technology infrastructure.
• Solves / works a variety of high-impact high-profile problems / projects with considerable business impact through in-depth evaluation of complex business processes system processes and industry standards; performs root cause analyses.
• Designs testing approaches.
• Designs and creates complex processes and reporting streams.
• Examines and updates processes and procedures for hardware acquisition.

Qualifications

Skills:

CA Siteminder, Ping, LDAP – KDC, Weblogic, Websphere

Ability to understand SOAP calls

Strong understanding of enterprise network - DMZ, BIG IP, VIP, Firewalls, Proxy

Strong verbal and written communication skills

Team player with ability to work under pressure

CA accreditation or certification

Good to have:

Experience in implementation and operational support of Secure Transport protocol solutions that support FTP/ HTTP/s, SSH-FTP, SCP, SFTP

understanding of PGP encryption

Experience with implementing and supporting end to end encryption technology

Experience with supporting one time password technology using Voice, SMS, Biometrics

ITIL / CISSP certification

Education Level Required: Bachelor's Degree

Years of Related Experience: 3-7

#LI-SG