Senior DevSecOps Analyst - Cloud Security Operations, Citi

Citi

Location:
Hungary, Budapest

Category:
IT - Software Development

Contract Type:
Not provided

Salary:

Not provided

Save Job

Apply Position

Job Description:

The Cloud Security Operations team works in a multi-disciplinary team of teams driving cyber security services and solutions to enable Citi to securely adopt private, hybrid, public cloud and SaaS platforms. This role is one of the primary security interfaces with development teams, architects, engineers, and operational teams involved in cloud-related projects. Our operating model emphasizes DevSecOps, that is, automation, integration, and agility based on Security as a Service / Security as Code concepts.

Job Responsibility:

End to end security assurance activities in (AWS/GCP/Azure) including Vulnerability Assessments, Purple Team exercises (Red and Blue team collaboration) to identify areas of risk and ensure any gaps are documented and remediated
Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in the cloud environment
Partner with Engineering and Operations teams to create, implement, and apply DevSecOps practices and processes that are consumed by developers across all sectors in Citi
Develop and enhance existing processes through automation

Requirements:

Offensive Security-oriented mindset (threat-modeling, vulnerability assessment, penetration testing, etc.)
Hands-on experience with cloud platforms
Excellent understanding of cloud security concepts/best practices in various cloud Service Providers (for example: AWS, GCP, Azure)
Familiarity with the current threat landscape of public cloud platforms
Understanding of recent breaches, APTs and common TTPs used to attack these platforms
Familiarity with securing containers and container orchestration frameworks (such as Kubernetes)
Understanding of MITRE ATT&CK
Programming/scripting languages a plus (Python and PowerShell preferred, but not required)
Ability to deliver presentations to technical and non-technical individuals
Fluency in English
Bachelor's Degree or equivalent working experience
Candidates must possess or be open to pursuing one or more of the following industry-accredited certifications within the 1st year of employment: Cloud security certifications: Azure Security Engineer Associate, Microsoft 365 Certified Security Administrator Associate, AWS Security Specialty, GCP Professional Cloud Security Engineer, etc.
Container/Kubernetes certifications: CKA, CKAD, CKS, etc.
Other security certifications: CEH, OSCP, OSCE, GCPN, etc.

What we offer:

Cafeteria Program
Home Office Allowance (for colleagues working in hybrid work models)
Paid Parental Leave Program (maternity and paternity leave)
Private Medical Care Program and onsite medical rooms at our offices
Pension Plan Contribution to voluntary pension fund
Group Life Insurance
Employee Assistance Program
Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
Flexible work arrangements to support you in managing work - life balance
Career progression opportunities across geographies and business lines
Socially active employee communities with diverse networking opportunities

Additional Information:

Job Posted:
June 26, 2025

Employment Type:

Fulltime

Work Type:

Hybrid work

View All Jobs In This Company

Job Link Share:

Senior DevSecOps Analyst - Cloud Security Operations