This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
Design, develop and engineer Cryptographic, PKI and Certificate management Systems alongside existing engineering team members fulfilling corporate requirements, policies and standards
Take part in defining cryptographic standards, architectures, and governance, and help develop Citi’s next generation crypto ecosystem, a large scale enterprise security solutions using the latest advancements in cryptography and information security and advanced algorithms
Certificate management engineering, focused on automated certificate management, deployment, renewal in various clients, applications operating systems
cryptographic protocols and controls, including but not limited to, post-quantum cryptography, PKI solutions, and strategic vendor interaction
Working with advanced mathematical algorithms within PKI
Participate in device and user certificate management focusing on certificate lifecycle automation projects in Citi, including certificate automation for microservices, desktops, servers, Windows/Unix hosts, network security devices and other appliances
Design and introduce enterprise level certificate automation processes and solutions
Work with all disciplines, engineers, and operational product owners to integrate PKI and certificate management related technologies with Citi platforms
Perform product evaluation, testing and certification of PKI and Crypto technologies
Ensure that all security products meet or exceed Citi internal and regulatory requirements
Provide occasional 4th level support for the product toolset
Produce documentation of processes and procedures for the usage of the product
Follow the Technology Development Life Cycle in the development of all security tools
Requirements
Strong solid experience in cryptography, crypto protocols/algorithms and peripheral technologies is required
Must be familiar with information security concepts, best practices and solutions
Must have a strong engineer background
Database knowledge, preferably MSSQL and scripting background, preferably Powershell is required
Experience with commercial Certificate Authority (CA) products and/or certificate management systems is a plus
Understanding of Microsoft Windows and Unix operating systems
Sound security engineering principles as background to understanding the inner workings of the systems and controls that form an enterprise security ecosystem
Understanding of symmetric key encryption and asymmetric encryption
Experience with a variety of HSM platforms is a plus
Working with Trust Providers is a plus
Bachelor’s degree/University degree or equivalent experience