Overview of the Role

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

Ideal Candidate

Whether you are an Application Developer looking to make the switch into the challenging, yet rewarding, world of information security, or you are an elite white-hat hacker, Citi is the place for you. Our team of world class, talented individuals, who are passionate about security, put their skills to the test every day on a global scale. At Citi, you will be exposed to all sorts of technologies on enterprise-scale, so hunger for knowledge and research is greatly appreciated and rewarded.

• Background is enterprise software development with expertise in technologies such as: Java/J2EE (Spring, Struts), .NET (ASP.NET, C#, Webflow, MVC, WebAPI), , JavaScript Frameworks (NodeJS, AngularJS), Web Applications, REST/SOAP APIs/Web Services, Mobile Applications, Thick Clients, Microservices Architecture based applications running on containers/cloud (GCP, AWS, Azure), or Blockchain and smart contracts implementations, then our application penetration testing team is the right place for you!
• Background is penetration testing with expertise in API security testing such as: hands-on ethical hacking using security tools (BurpSuite, AppScan), knowledge of OWASP Top 10 API Security Risks, OWASP Top 10, CWE/SANS Top 25, Threat Modeling, understanding microservice application architecture, design and functionalities with an interest in performing security reviews of diverse and challenging applications, then our application penetration testing team is the right place for you!

This team specializes in conducting various types of vulnerability assessments (full end-to-end white-box and/or grey-box testing) on a variety of Citi applications (Web, Mobile, Thick Client, and APIs) by manually identifying, researching, validating, and exploiting various known and unknown application security vulnerabilities.

Core responsibilities include:

• Act as a subject matter expert in offensive information security performing dynamic and manual security assessments on APIs.
• Drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective preventive and detective security controls and counter measures, such as guardrail capabilities within a well-defined OpenAPI specification.
• Have strong technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience.
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation.
• Must have or be willing to obtain Industry-accredited security certifications such as: BSCP, GWAPT, GPEN, OSCP, OSWE, CISSP, or other related certifications.

An ideal candidate will have both a development and security background with knowledge of API gateway solutions such as Apigee, API Connect, etc. Additionally, experience in developing custom security scripts for offensive security tooling and/or CI/CD tooling for shifting security testing earlier within the SDLC is a benefit. However, irrespective of your current role. Working knowledge of API specific security tools such as Traceable and Akamai as well as experience with hands on security testing tools such as Postman, ReadyAPI, BurpSuite Proxy, AppScan, WebInspect, and meet most of the above listed requirements, then don't miss this opportunity to join our growing team of expert ethical hackers.

Education:

Master’s Degree with a minimum of 3 years of experience or a Bachelor’s Degree with a minimum of 5 years of experience

Job Family Group:

Technology

Job Family:

Information Security

Time Type:

Full time

Primary Location:

Fort Lauderdale Florida United States

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

-

Anticipated Posting Close Date:

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

- Currently enrolled in an accredited college or university Master's degree program. - Majoring in Computer Science, Statistics or a related STEM discipline. - Graduation date falls in May/June 2027 and beyond. - Ability to work year-round: part-time during the school year and full-time during the summer. - Living within commutable distance to Austin, TX and able to work in-person for all hours.
The Jr. Applied Scientist role is a unique employment opportunity for students seeking to gain on-the-job applied science and machine learning experience and receive excellent mentoring while completing their education. Jr. Applied Scientists are immersed in an Amazon team and work on exciting, meaningful projects that impact real Amazon customers. Paired 1:1 with a Amazon Applied Science Mentor, Jr. Applied Scientists receive guidance and support in all aspects of their role: skill development, career advisement, project collaboration, and more! Upon successful completion of your degree and success in the Jr. Applied Scientist role, the opportunity for full-time employment will be available at the Amazon corporate site in Austin, TX. The Jr. Applied Scientist role is part of the Jr. Developer Program, a unique internship program in several respects: • We offer work year-round, part-time (16 hrs/week) while in school and full-time (40hrs/week) during summer. Working schedules are flexible and can be re-arranged each quarter to accommodate class schedules. • We offer excellent mentoring. Our full-time applied scientists, data scientists, business intelligence engineers, and software development engineers are willing and able to mentor exceptional student applied scientists, data scientists, SDEs, and BIEs. • Jr. Applied Scientists are given responsibilities and roles that prepare them to enter the workforce after graduation with “real world” applied science and machine learning experience. Jrs. who participate in the Jr. Developer Program routinely acknowledge the valuable learning experience created by the uniform excellence of their teams, mentoring offered by experienced Amazonians, and the challenge of being a principal contributor to science and software products. Key job responsibilities • Amazon applied scientists are specialists with the knowledge to help drive the scientific vision for our products. They are aware of the state-of-the-art in their respective field of expertise and are constantly focused on advancing that state-of-the-art for improving Amazon’s products and services. • As an Applied Scientist at Amazon, you will connect with world leaders in your field working on similar problems. You will be working with distributed systems of data and providing technical partnership to the product managers, teams, and organizations building machine learning solutions. You will be tackling Machine Learning challenges in Supervised, Unsupervised, and Semi-supervised Learning; utilizing modern methods such as deep learning and classical methods from statistical learning theory, detection, estimation. • This individual will analyze large amounts of data, discover and solve real world problems and build metrics and business cases around key performance of this program. • The ideal candidate will use a customer backwards approach in deriving insights and identifying actions we can take to improve the customer experience and conversion for the program.

• Previous technical internship(s).
• Effectively articulate technical challenges and solutions.
• Adept at handling ambiguous or undefined problems as well as ability to think abstractly.

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you’re applying in isn’t listed, please contact your Recruiting Partner.

Taking care of people is at the heart of everything we do, and we start by taking care of you, our valued colleague. A career at Sedgwick means experiencing our culture of caring. It means having flexibility and time for all the things that are important to you. It’s an opportunity to do something meaningful, each and every day. It’s having support for your mental, physical, financial and professional needs. It means sharpening your skills and growing your career. And it means working in an environment that celebrates diversity and is fair and inclusive.

A career at Sedgwick is where passion meets purpose to make a positive impact on the world through the people and organizations we serve. If you are someone who is driven to make a difference, who enjoys a challenge and above all, if you’re someone who cares, there’s a place for you here. Join us and contribute to Sedgwick being a great place to work.

PRIMARY PURPOSE : To develop complex reports and analyze company data including Corporate or client specific data; to serve as a technical resource for company staff on data analysis and benchmarking issues; to meet with clients on such issues as necessary; to provide training and data analysis education for program staff; and to provide technical oversight and guidance to client dedicated analysts located in multiple field offices.

ESSENTIAL FUNCTIONS and RESPONSIBILITIES

• Develops comprehensive, complex and accurate information reports.
• Creates complex data reports and provides analysis for forecasting and/or benchmarking used by senior management.
• Reports directly to senior management; communicates data findings for forecasting and client needs.
• Obtains, analyzes and provides appropriate feedback on company or client specific information needs.
• Provides complex data analysis functions to meet client specific, program or company senior management needs.
• Serves as a resource for colleagues on data analysis and benchmarking issues.
• Provides technical oversight and guidance to client dedicated analysts located in multiple field offices.
• Provides training and data analysis education for colleagues.

ADDITIONAL FUNCTIONS and RESPONSIBILITIES

• Performs other duties as assigned.
• Supports the organization's quality program(s).
• Travels as required.

QUALIFICATIONS

Education & Licensing
Bachelor's degree with major in Business Administration, Statistics, or Quantitative Analysis from an accredited college or university preferred. Computer Science courses preferred.

Skills & Knowledge

• • Knowledge of risk management information systems including utilization and functionality
  • Excellent oral and written communication, including presentation skills
  • PC literate, including Microsoft Office products
  • Analytical and interpretive skills
  • Strong organizational skills
  • Strong time management skills
  • Excellent interpersonal skills
  • Excellent negotiation skills

WORK ENVIRONMENT
When applicable and appropriate, consideration will be given to reasonable accommodations.

Mental: Clear and conceptual thinking ability; excellent judgment, troubleshooting, problem solving, analysis, and discretion; ability to handle work-related stress; ability to handle multiple priorities simultaneously; and ability to meet deadlines

Physical: Computer keyboarding, travel as required

Auditory/Visual: Hearing, vision and talking

NOTE : Credit security clearance, confirmed via a background credit check, is required for this position.

The statements contained in this document are intended to describe the general nature and level of work being performed by a colleague assigned to this description. They are not intended to constitute a comprehensive list of functions, duties, or local variances. Management retains the discretion to add or to change the duties of the position at any time.

Sedgwick is an Equal Opportunity Employer and a Drug-Free Workplace.

Jr. Business Analyst

Location: Remote

Project Details: Corporate Banking Application Support and Enhancements

Accounting and Data Governance related Analysis and support

Maintain overall In house applications systems to ensure day to day functioning

End of Term Support and ensure monthly, quarterly and yearly reports submission to Regulatory Boards

Responsibilities:

• Conduct comprehensive requirement analysis to capture and document end-to-end business use cases effectively.
• Develop detailed business cases and provide support to Operations teams during User Acceptance Testing (UAT).
• Create and maintain functional requirement documentation with accuracy and clarity.
• Communicate and transfer end-to-end requirements seamlessly to the technical team, ensuring alignment with business objectives.
• Offer ongoing support and clarification to the technical team during the development phase.

Requirements:

• Strong understanding of capital markets and the corporate banking regulatory framework.
• Expertise in accounting principles and practices.
• In-depth knowledge of US banking regulations is essential.
• Experience providing data governance support for accounting teams.

Title: Cloud Architect
Location: Hybrid

Resource Proposal for Cloud Security Engineer – Integration Modernization Initiative
Project Name: Integration Modernization
Key Technologies Involved: TIBCO, APIGEE, Kafka, and other integration tools (TBD)
Initiative Timeframe: Short-term (3-6 months): Focus on TIBCO, APIGEE, Kafka - Long-term (6-12 months): Additional integration tools (TBD)

Scope of Work
The Cloud Security Engineer will work closely with the Integration Modernization team to design, implement, and monitor security measures across various integration tools. They will ensure the integrity, confidentiality, and availability of data as it flows between systems. The security engineer will also assist in defining policies and best practices for integrating TIBCO, APIGEE, Kafka, and any future tools. This role will involve both strategic planning and tactical implementation.
Key responsibilities include:

1. Security Assessment and Risk Management:
   • Conduct security risk assessments for integration tools (TIBCO, APIGEE, Kafka, etc.)
   • Identify and mitigate potential vulnerabilities in cloud-based architectures.
   • Ensure proper encryption and key management protocols are in place.
2. Architecture and Design:
   • Collaborate with solution architects to design secure integration architectures, ensuring proper authentication, authorization, and data protection across the platforms.
   • Work with cross-functional teams to integrate security into DevOps pipelines, CI/CD workflows, and API lifecycle management.
3. Tool and Platform Security:
   • Ensure security configurations of TIBCO, APIGEE, Kafka, and other integration tools are aligned with industry standards and organizational policies.
   • Manage security integrations with Ulta's identity management systems.
4. Monitoring and Incident Response:
   • Set up continuous monitoring for security events and anomalies across the integration platforms.
   • Respond to security incidents and provide remediation guidance in the event of breaches or vulnerabilities.
5. Documentation and Knowledge Transfer:
   • Maintain up-to-date security documentation for each platform transferring monitoring and incident response to the Security Operations Center.
   • Conduct knowledge transfer sessions for the wider IT and security teams to ensure ongoing security practices are followed.

Resource Justification
Given the breadth of tools involved, including TIBCO, APIGEE, and Kafka, a dedicated Cloud Security Engineer is required to ensure that security considerations are fully embedded into every phase of the integration process. Their expertise will not only safeguard the organization's assets but will also promote efficiency by proactively addressing potential security gaps before they evolve into major issues.

Skills and Experience Required
The ideal candidate will have a combination of the following skills and experience:
Technical Skills:

• Cloud Security Expertise: Experience securing cloud-based architectures, including AWS, Azure, or Google Cloud.
• Integration Platforms: Deep knowledge of integration tools such as TIBCO, APIGEE, and Kafka with a focus on security.
• API Security: Expertise in securing APIs using industry-standard protocols (OAuth 2.0, OpenID Connect, JWT, etc.).
• Network Security: Knowledge of securing microservices, messaging systems, and network communication in hybrid and multi-cloud environments.
• Identity and Access Management (IAM): Experience implementing IAM solutions for integration platforms, including SSO, RBAC, and MFA.