Cloud Security Architect Engineer, SVP

Citi
Full_time$156k-234k/year (USD)Irving, United States

📍 Job Overview

  • Job Title: Cloud Security Architect Engineer, SVP
  • Company: Citi
  • Location: Irving, Texas, United States
  • Job Type: On-site
  • Category: Security Architecture
  • Date Posted: 2025-06-24

🚀 Role Summary

  • Define and drive Google Cloud Platform (GCP) security architecture across Citi's global cloud initiatives
  • Collaborate with infrastructure teams, application developers, compliance officers, and risk managers to embed secure design principles and mitigate evolving cloud threats
  • Lead engineering activities, including hardware, software, and network infrastructure design, acquisition, and deployment
  • Ensure quality standards are met within existing and planned frameworks

💻 Primary Responsibilities

  • Cloud Security Strategy: Develop and implement a comprehensive security strategy for GCP that aligns with the organization’s business goals and compliance standards, such as GDPR, SOC 2, and HIPAA
  • Architecture Design: Develop security infrastructure architectures and frameworks, focusing on protecting sensitive data and mitigating risks across networks, storage, applications, and authentication services using automation
  • Data Security and Encryption: Design and enforce encryption and rest and in transit between all compute boundaries
  • Vulnerability Management: Proactively monitor GCP environments for vulnerabilities, manage threat detection, and ensure prompt response to potential security incidents
  • Cross-Functional Collaboration: Work closely with engineering, development, SRE, and operations teams to enforce security policies and integrate security best practices into the development lifecycle
  • Team Leadership and Training: Guide the security team, promote security awareness across the organization, and ensure compliance with industry standards (e.g., ISO 27001, NIST)

🎓 Skills & Qualifications

Education: Bachelor’s degree/University degree or equivalent experience, Master’s degree preferred

Experience:

  • 10+ years in a Security Architecture role
  • 10+ years in a Cloud Security Engineering role

Required Skills:

  • In-depth understanding of GCP core infrastructure services, security services, encryption practices, and compliance frameworks
  • Deep understanding of GCP IAM, RBAC, Cloud Identity, and zero-trust principles for managing secure access to data and applications in the cloud
  • Expertise in GCP networking, including VPC’s, subnets, firewall configurations, and Google Cloud VPN
  • Experience with scripting and configuration management tools like Bash, Python, Ansible, Puppet, and Chef
  • Analytical skills to assess complex security risks, identify vulnerabilities, and design effective security solutions
  • Git versioning proficiency
  • Proven ability to communicate technical information to stakeholders and work with cross-functionality to enforce security measures

Preferred Skills:

  • None specified

📊 Web Portfolio & Project Requirements

  • Not applicable for this role

💵 Compensation & Benefits

  • Salary Range: $156,160 - $234,240 per year
  • Benefits: Medical, Dental, Vision Coverage, 401(k), Life Insurance, Accident Insurance, Disability Insurance, Wellness Programs, Paid Time Off

🎯 Team & Company Context

🏢 Company Culture

  • Industry: Financial Services
  • Company Size: Large (200,000+ employees)
  • Founded: 1812
  • Team Structure: Large, global security team with cross-functional collaboration across various departments
  • Development Methodology: Agile, with a focus on secure development lifecycle practices

📈 Career & Growth Analysis

  • Web Technology Career Level: Senior-level, strategic role with significant influence on GCP security architecture and compliance
  • Reporting Structure: Reports directly to the Senior Vice President of Cloud Security
  • Technical Impact: Responsible for defining and driving GCP security architecture, ensuring compliance with financial regulations, and mitigating evolving cloud threats

🌐 Work Environment

  • Office Type: On-site, with a global presence in major financial hubs
  • Office Location(s): Irving, Texas, United States (primary location mentioned)
  • Workspace Context: Collaborative, cross-functional workspace with access to relevant tools and resources for cloud security architecture and management
  • Work Schedule: Full-time, with a focus on project deadlines and maintenance windows

📄 Application & Technical Interview Process

  • Interview Process:

    1. Technical preparation and assessment of GCP security knowledge
    2. Web architecture expectations and system design discussion
    3. Cross-functional team interaction and cultural fit assessment
    4. Final evaluation criteria and technical impact discussion

  • Portfolio Review Tips: Not applicable for this role

  • Technical Challenge Preparation:

    1. Familiarize yourself with GCP core infrastructure services, security services, and encryption practices
    2. Brush up on GCP IAM, RBAC, Cloud Identity, and zero-trust principles
    3. Prepare for architecture design and vulnerability management scenarios

🛠 Technology Stack & Web Infrastructure

  • Cloud Platform: Google Cloud Platform (GCP)
  • Infrastructure Tools: Bash, Python, Ansible, Puppet, Chef, Git
  • Security Tools: GCP IAM, RBAC, Cloud Identity, zero-trust principles, vulnerability management tools
  • Networking Tools: GCP networking tools, including VPC’s, subnets, firewall configurations, and Google Cloud VPN

👥 Team Culture & Values

  • Web Development Values: Not applicable for this role
  • Collaboration Style: Cross-functional collaboration with engineering, development, SRE, and operations teams, with a focus on secure development lifecycle practices

⚡ Challenges & Growth Opportunities

  • Technical Challenges:

    1. Staying up-to-date with evolving cloud threats and GCP security best practices
    2. Managing a large, global security team with diverse skill sets and expertise
    3. Ensuring compliance with financial regulations and industry standards in a dynamic cloud environment

  • Learning & Development Opportunities:

    1. Continuous learning and development in cloud security architecture and management
    2. Opportunities to mentor and train junior security team members
    3. Potential career progression to Chief Information Security Officer (CISO) or other senior leadership roles

💡 Interview Preparation

  • Technical Questions:

    1. GCP security architecture and design principles
    2. Vulnerability management and threat detection strategies
    3. Cross-functional collaboration and secure development lifecycle practices

  • Company & Culture Questions: Not applicable for this role

  • Portfolio Presentation Strategy: Not applicable for this role

📌 Application Steps

To apply for this cloud security architecture role:

  1. Submit your application through the application link
  2. Prepare for technical interviews focused on GCP security architecture and management
  3. Research Citi's cloud security initiatives and compliance requirements
  4. Tailor your application and interview responses to highlight your relevant experience and expertise in cloud security architecture

Application Requirements

Candidates should have 10+ years of experience in Security Architecture and Cloud Security Engineering roles, with in-depth knowledge of GCP core infrastructure services and security practices. Strong analytical skills and experience with scripting and configuration management tools are also required.