Skip Navigation

open main navigation menu
city landscape


Advanced Search

Search Jobs

Match Your Skills

Search jobs based on your LinkedIn profile.

Match Now

Career Opportunity

CSIS Cyber Program DevOps Team Lead

Locations: Irving, Texas, Tampa, Florida Job Function: Corporate Services Employee Status: Regular Job ID: 20196622


Citi's Global Cyber Investigations Team seeks a highly skilled DevOps engineer to support critical efforts aimed at protecting Citi infrastructure, assets, clients and stakeholders.This is a demanding role with global exposure and responsibility. You will serve both as a technical subject matter expert and as an ambassador for the global investigations team. Youwill be assigned to Citi's Cyber Security Fusion Center and will support a talented cadre of security specialists and incident responders in their efforts to react aggressively to urgent security events. Your actions will impact security decisions across the organization, and play an important part in maturing the fusion center's team-of-teams operation.


As a DevOps Lead Engineer in the Cyber Security Fusion Center your primary responsibility is to develop and maintain infrastructure and applications that directly support cyber investigators as they respond to critical security events. Related activities include but are not limited to:

  • Build and lead an agile DevOps team
  • Architect, design, develop, deploy, maintain and support infrastructure and applications to support cyber investigations in both on-premise and cloud environments
  • Collaborate with fusion center partners to strengthen feedback loops around common data schemas, frameworks and taxonomies
  • Establish and maintain versioned code repositories 
  • Automate high value, high cost work streams to improve efficiency and reduce cycle times

  • Support investigator actions aimed at disrupting, containing, eradicating, and remediating cyber threats


You should be all of the following:

1. A skilled and creative engineer. Success will depend on your ability to:

  • Stay current with the evolving landscape of relevant applications, tools and devops best practices
  • Write clean, efficient, well documented code
  • Maintain a versioned code repository
  • Pursue and champion API's, automation, scalability and high-availability

2. A goal oriented individual contributor. Success will depend on your ability to:

  • Stay motivated and work independently with minimal oversight
  • Adapt to changing requirements in a fast paced environment
  • Multitask and meet deadlines despite competing priorities
  • Navigate operational impediments in order to complete time sensitive tasks
  • Identify and document any opportunities for process improvement

3. A reliable team player. Success will depend on your ability to:

  • Practice mutual respect at all times
  • Establish trust and build strong partnerships
  • Resolve conflict in a constructive manner and use as an opportunity to develop team unity
  • Prioritize collective success ahead of individual ambition

4. A great communicator. Success will depend on your ability to :

  • Establish clear narratives to describe any observations and recommendations
  • Clearly and concisely articulate goals and expectations to your direct reports and other teammates  
  • Motivate colleagues and partners to cooperate and support as needed
  • Exert influence both verbally and in writing

Minimum Requirements

  • Education and Experience
    • Bachelor’s degree in a technically rigorous domain such as Computer Science, Information Security, Engineering, etc.
    • Minimum 5 years of professional experience as an application developer, system architect and/or devops engineer, or demonstrated equivalent capability.
    • Minimum 5 years of professional experience as team lead or manager
    • Prior success leading application development/deployment projects
    • Prior experience managing a team of individual contributors
  • Knowledge and Skills
    • Strong understanding of SDLC best practices and agile methods
    • Strong understanding of how computer applications, systems, and networks are managed and secured.
    • Proficient in an object-oriented programming language (e.g. Python, C#, Java)
    • Proficient in a scripting language (e.g. Bash, PowerShell)
    • Proficient in any query language (e.g. SQL)
    • Working knowledge of assembly or low level languages (e.g. C)
    • Working knowledge of relational database systems and concepts (SQL Server, PostgreSQL, etc.)
    • Working knowledge of REST API development and maintenance, including use of documentation engines such as Swagger
    • Working knowledge of virtualization products (e.g. VMware Workstation)
    • Working knowledge of versioned code repositories (e.g. Git, BitBucket)
    • Working knowledge of agile knowledge management tools (e.g. Jira, Confluence)
    • Basic knowledge of common security threats and vulnerabilities, attack vectors, and adversary tactics, techniques and procedures (TTP's)
  • Other
    • Must have flexibility to work outside of normal business hours when necessary

Preferred Requirements

  • Education and Experience

    • Graduate degree in a technically rigorous domain such as Computer Science, Information Security, Engineering, etc.

    • Minimum 8 years of professional experience as an application developer, system architect and/or devops engineer

    • Prior experience with information technology and/or information security in the financial services industry

    • Prior experience withapplication deployment and support incloud environments (e.g. AWS, GCP, Azure), including use of specific tools such as CloudFormation and TerraForm. 

    • Prior experience with containerization methods and tools (e.g. Docker, Kubernetes)

    • Prior experience with DevSecOps, including CI/CD methods and tools (e.g. Jenkins, Travis, AWS CodeBuild)

    • Prior experience with aDFIR toolset (e.g. EnCase, FTK, Sleuth Kit) and related scripting (e.g. EnScripts, EnConditions)
    • Prior experience with some of the following tools: Splunk, Volatility, YARA, FastAPI, CrowdStrike Falcon, SIFT Workstation, Security Onion, Wireshark, Plaso, Nuix, IBM I2, Metasploit, ServiceNow.

    • Prior experience with database design and administration
  • Knowledge and Skills

    • Any professional certifications issued by GIAC, AWS, etc.

    • Working knowledge of security and/or incident response in cloud environments

    • Working knowledge of common security models (Defense-in-Depth), standards (NIST 800-53, CIS 20 Controls) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)

    • Working knowledge of reverse engineering, vulnerability discovery/analysis, and/or exploit development

    • Working knowledge of OSI model

    • Working knowledge of network components such as switches, routers, firewalls in both Windows/Linux environments

    • Basic knowledge of cyber forensic procedures to collect, handle, examine, and analyze evidentiary artifacts while preserving integrity and maintaining a strict chain of custody

    • Basic knowledge of digital forensic analysis


Grade :All Job Level - All Job FunctionsAll Job Level - All Job Functions - US


Time Type :Full time


Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity CLICK HERE.

To view the "EEO is the Law" poster CLICK HERE. To view the EEO is the Law Supplement CLICK HERE.
To view the EEO Policy Statement CLICK HERE.
To view the Pay Transparency Posting CLICK HERE.