Vulnerability Assessments Analyst - Red Team Dev Sec Ops

• Support existing Red Team lab infrastructure, and build out new requirements to align with exercise requirements
• Ensuring effective design, safe and secure deployment, continued patching and assurance of these systems from cradle to grave
• Manage keys, and user access to systems within the lab
• Manage logging and auditing of user access to infrastructure and tooling within the lab
• Manage risk appropriately for mission critical, and sensitive systems
• Develop and maintain automation scripts for rapid deployment, configuration management, and gold images
• Demonstrate consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency

• 4+ years’ experience or equivalent knowledge and exposure are required with most of the following: Understanding and able to deploy and orchestrate virtualized systems
• Understanding and ability to apply secure network design concepts, systems hardening, and RBAC/AAA
• Familiarity with common network and host security and logging platforms and products such as firewalls, VPNs, EDRs, SIEMs
• Familiarity with logging, log forwarding, and resource monitoring of deployed services and infrastructure
• Familiarity with CI/CD concepts and how it can be applied with Infrastructure as Code
• Understanding and ability to develop automation and maintain scripts such as terraform, ansible, chef/puppet to deploy and management systems at scale
• Hands on experience and functional experience in deploying common C2 frameworks such as Sliver, and Mythic
• Bachelor’s degree/University degree or equivalent experience
• Industry-accredited security certifications highly preferred but not required

Industry-accredited security certifications