Cyber Security Fusion – Purple Team Testing Lead C14 - (SVP) - Telecommute

New York, New York| Irving, TexasNew YorkUnited StatesNorth AmericaIrvingTexasUnited StatesNorth AmericaApril 1, 2023

The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients' and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the Firm and is deeply integrated into the sectors and functions.

Citi maintains two Cyber Security Fusion Centers (CSFCs) across the United States and Asia to act as its information and crisis response hub in its mission to strengthen Citi's resilience to cyber-attacks.

Organizational Mission:

As the leading global bank, Citi has a heightened responsibility to keep its customers safe. The Cybersecurity Fusion Center (CSFC) is on the front lines of that effort. The CSFC coordinates Citi’s cybersecurity organizational response to protect Citi and its customers from cyber threats.

Citi is at the forefront of Cyber Fusion in financial services and leverages a data-driven, “technology first” approach to determine, inform, respond to, and govern overall cybersecurity threats to Citi.

Team Mission:

The Governance Function within the Fusion Center is a new function that is underpinned by a comprehensive Governance Framework to measure, monitor and report Cyber Security Operational risk to internal stakeholders, appropriate supervisory groups, and regulators. This organization acts as the liaison for the CSO organization with other internal risk functions and external risk related activity.

This function regularly interfaces with Citi seniors, regulators, and supervisory groups on topics of cybersecurity, Red Team exercises, etc. One of the functions performed by this team is project management and coordination of regulatory and internal driven penetration testing (Red Team testing).

This role is for a Team Lead.  In addition to the below responsibilities, this individual will be responsible for managing a team of Purple Team Testing Coordinator(s) responsible for driving the day-to-day success of the program.  This individual is expected to act as an escalation point to CSFC leadership across all ongoing exercises and help to manage the overall book of work.  More broadly, this individual will play a pivotal role in partnering with the CSFC Governance Lead to further design and implement future state goals and objectives of the Governance Framework.


Exercise execution

  • Coordinate Red Team confidential testing operations that emulate a threat actor (either Citi’s internal Red Team or a Red Team service provider) that attack Citi’s cyber defenses
  • Manage multiple teams’ efforts to assess courses of action to meet exercise testing objectives while considering potential risks to Citi when making recommendations to senior cybersecurity leadership
  • Coordinate testing execution, including generating project updates, summarizing decision points, and leading regular meetings with the project team, Red Team, and support personnel
  • Partner with Red Team to define and develop scope and objectives of the exercise
  • Identify and establish exercise engagement model
  • Partner with Citi’s Red Team validate testing scenarios and capabilities that accomplish leadership’s strategic testing goals
  • Coordinate technical validation and leadership review of Red Team reports detailing testing results and potential areas of improvement
  • Partner with problem management and project management teams to ensure Red Team observations are researched and remediated
  • Incorporate and review regulator testing framework updates in Citi’s Red Team procedures and standards
  • Maintain strategic testing roadmap, incorporating senior leadership’s testing goals to further strengthen Citi’s cybersecurity defenses
  • Develop and maintain relationships with Red Team service providers, including onboarding and Citi supplier maintenance tasks
  • Ensure Red Team testing complies with Citi’s internal policies and regulatory requirements


  • Project management experience
  • Demonstrable interest in Red Team activity management
  • Working knowledge of regulatory testing frameworks (CREST, C-RAF)
  • Cybersecurity industry experience


  • 10+ years of relevant experience
  • Certifications or willingness to earn within 12 months of joining
  • Working knowledge in one or more of the following areas: Advanced Persistent Threat, Third Party Risks/Threats, Cybercrime, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service attacks, Fraud, Malware, Mobile Threats
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills


  • Bachelor’s degree/University degree or equivalent experience
  • Master’s degree preferred


Job Family Group:



Job Family:

Information Security


Time Type:

Full time


Primary Location:

New York New York United States


Primary Location Salary Range:

$170,880.00 - $256,320.00


Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

Cyber Security Jobs by Category

Cyber Security Jobs by Location

Cyber Security Salaries