CrawlJobs Logo

Cloud Security Threat Modeler Senior Analyst

https://www.citi.com/ Logo

Citi

Location Icon

Location:
United Kingdom, London

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Citi is looking for a security focused person with a good understanding of cybersecurity principles to work in the Cloud Threat Modeling team. Using threat modeling you will identify threats and specify mitigating controls which will directly reduce the risk of Citi operating in the public cloud.

Job Responsibility:

  • Perform Threat Modeling using a documented process
  • Development of automation tools as required
  • Maintain a high standard of work in identifying threats and specifying mitigating controls
  • Attending to the lifecycle of identified threats and controls
  • Delivery of threat models and supporting tasks within existing timeframes
  • Provide feedback, support, and improvements to the existing threat modeling process
  • Present work to seniors, the team, and other technical teams

Requirements:

  • Extensive experience in a Cybersecurity role
  • Proven experience with Jira or other similar ticketing systems
  • Strong understanding of security best practices related to Authentication, Authorization, Logging/Monitoring, Encryption, Infrastructure Security, and Network Segmentation
  • Experience with scripting languages (e.g., Python, Bash, PowerShell) or Infrastructure as Code tools (e.g., Terraform, CloudFormation)
  • Familiarity with threat modeling methodologies like STRIDE, PASTA, Attack Trees, and the MITRE ATT&CK framework, as well as threat modeling tools (e.g., IriusRisk, ThreatModeler, Microsoft Threat Modeling Tool)
  • Ability to identify vulnerabilities using CWE or OWASP frameworks
  • Working knowledge of Operating Systems (e.g., Windows, Linux) and their hardening best practices
  • Familiarity with Development Concepts such as CI/CD pipelines, and SDLC
  • Working knowledge of Cloud Platforms (e.g., AWS, Azure, GCP)
  • Ability to design and review technical architectures
  • Strong analytical skills, diligence, and attention to detail
  • Excellent skills in creating and maintaining high-quality documentation
  • Demonstrated ability to work effectively with diverse individuals and teams
  • Excellent written and verbal communication skills
  • A passion for continuous learning and staying up-to-date with new technologies and methodologies
  • Proven ability to build relationships across multiple cross-functional teams

Nice to have:

  • Proven experience specifically focused on Threat Modeling
  • Experience with Docker, Kubernetes, Serverless Technologies (e.g., AWS Lambda, Azure Functions, Google Cloud Functions), and Helm
  • Familiarity with Cloud Development Kit (CDK) and GitOps principles
  • Experience supporting or performing Penetration Testing activities (e.g., vulnerability scanning, network penetration testing, web application testing, mobile application testing)
  • Experience with Snowflake, MongoDB, Terraform Cloud, GitHub, or Databricks
  • Experience working in a regulated environment (e.g., financial services)
  • Ability to think like an attacker and anticipate potential threats
  • Cloud Certifications (AWS Certified Cloud Practitioner, AWS Certified Solutions Architect – Associate, Google Cloud Certified Professional Cloud Architect, Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Azure Administrator Associate, CompTIA Cloud+)
  • Cybersecurity Certifications (CompTIA Security+, (ISC)² Certified in Cybersecurity, GIAC Security Essentials Certification (GSEC), ISACA CSX Cybersecurity Fundamentals Certificate)
What we offer:
  • 27 days annual leave (plus bank holidays)
  • A discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources

Additional Information:

Job Posted:
September 24, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs China Jobs Canada Jobs Mexico Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy