Vulnerability Assessments Analyst - Red Team, AVP (C12)The Role:The Red Team DevOps Analyst - Red Team, AVP will design, manage, and support Red Team infrastructure that drives complex engagements. The candidate will additionally support the on-going Red Team and Purple Team programs and is expected to take an active hands-on role in focusing on reducing technical overhead through design simplification, orchestration, and automation.In addition, this role will expose the DevOps analyst to complex Red Team operations in a fast-paced environment where the ability to perform under pressure is key to success.ResponsibilitiesSupport existing Red Team lab infrastructure, and build out new requirements to align with exercise requirementsEnsuring effective design, safe and secure deployment, continued patching and assurance of these systems from cradle to graveManage keys, and user access to systems within the labManage logging and auditing of user access to infrastructure and tooling within the labManage risk appropriately for mission critical, and sensitive systemsDevelop and maintain automation scripts for rapid deployment, configuration management, and gold imagesDemonstrate consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparencyQualifications4+ years’ experience or equivalent knowledge and exposure are required with most of the following:Understanding and able to deploy and orchestrate virtualized systemsUnderstanding and ability to apply secure network design concepts, systems hardening, and RBAC/AAAFamiliarity with common network and host security and logging platforms and products such as firewalls, VPNs, EDRs, SIEMsFamiliarity with logging, log forwarding, and resource monitoring of deployed services and infrastructureFamiliarity with CI/CD concepts and how it can be applied with Infrastructure as Code.Understanding and ability to develop automation and maintain scripts such as terraform, ansible, chef/puppet to deploy and management systems at scaleHands on experience and functional experience in deploying common C2 frameworks such as Sliver, and MythicEducation:Bachelor’s degree/University degree or equivalent experienceIndustry-accredited security certifications highly preferred but not requiredThis job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Job Family Group: TechnologyJob Family: Information SecurityTime Type: Full timeCiti is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review .View Citi’s and the poster.
Vulnerability Assessments Analyst - Red Team, AVP (C12)The Role:The Red Team DevOps Analyst - Red Team, AVP will design, manage, and support Red Team infrastructure that drives complex engagements. The candidate will additionally support the on-going Red Team and Purple Team programs and is expected to take an active hands-on role in focusing on reducing technical overhead through design simplification, orchestration, and automation.In addition, this role will expose the DevOps analyst to complex Red Team operations in a fast-paced environment where the ability to perform under pressure is key to success.ResponsibilitiesSupport existing Red Team lab infrastructure, and build out new requirements to align with exercise requirementsEnsuring effective design, safe and secure deployment, continued patching and assurance of these systems from cradle to graveManage keys, and user access to systems within the labManage logging and auditing of user access to infrastructure and tooling within the labManage risk appropriately for mission critical, and sensitive systemsDevelop and maintain automation scripts for rapid deployment, configuration management, and gold imagesDemonstrate consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparencyQualifications4+ years’ experience or equivalent knowledge and exposure are required with most of the following:Understanding and able to deploy and orchestrate virtualized systemsUnderstanding and ability to apply secure network design concepts, systems hardening, and RBAC/AAAFamiliarity with common network and host security and logging platforms and products such as firewalls, VPNs, EDRs, SIEMsFamiliarity with logging, log forwarding, and resource monitoring of deployed services and infrastructureFamiliarity with CI/CD concepts and how it can be applied with Infrastructure as Code.Understanding and ability to develop automation and maintain scripts such as terraform, ansible, chef/puppet to deploy and management systems at scaleHands on experience and functional experience in deploying common C2 frameworks such as Sliver, and MythicEducation:Bachelor’s degree/University degree or equivalent experienceIndustry-accredited security certifications highly preferred but not requiredThis job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Job Family Group: TechnologyJob Family: Information SecurityTime Type: Full timeCiti is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review .View Citi’s and the poster.
