Skip Navigation
open main navigation menu
city landscape

Jakie Ty zrobisz postępy?

The health and safety of our colleagues and candidates for employment are our highest priority. Accordingly, Citi continues to monitor the COVID-19 situation closely. We have implemented precautionary measures across our firm globally, including conducting all candidate interviews virtually on a temporary basis until further notice where needed.



Dopasuj swoje umiejętności

Pozwól nam szukać pracy dla Ciebie w oparciu o umiejętności i doświadczenie wymienione w swoim profilu LinkedIn.

Rozpocznij dopasowywanie

Szansa na karierę zawodową

Kerberos Unix Authentication Engineer (VP)

Locations: Irving, Texas, Tampa, Florida Job Function: Technology Employee Status: Regular Job ID: 20216145

Job Description:

  • This position is within the CISO IAM Security Engineering team, who are responsible for the design, development, and testing of Citi’s global IAM security solutions for all the firms locations.
  • The job involves understanding and developing authentication solutions for UNIX client systems including Linux(RHEL), Solaris and AIX, using MIT Kerberos server on Linux,  Ping Identity Directory Server  on Linux, and Microsoft Active Directory. 
  • The design and development of the unix infrastructure components, eg Kerberos and Directory Server are also the responsibility of the group.
  • An in depth knowledge of one or more UNIX O/S including Linux is essential.   An understanding of how LDAP and/or Kerberos work and experience of working with one or more directory server products is required since this forms the majority of the work which will be required from the applicant.
  • The job will involve working primarily with our Security Operations team and collaborate  with  engineering groups, including O/S platform engineering, Active Directory engineering, and ID management teams.
  • The applicant will be responsible for producing documentation including standards, implementation and requirements.


  • Bachelor’s Degree/University degree or equivalent experience
  • 6+ years of relative work experience

Technical Skills:

  • Kerberos – Knowledge/experience of a Unix based KDC  (MIT Kerberos) or Active Directory. 
  • LDAP – Knowledge of  LDAP (Directory Servers), this includes detailed understanding of the LDAP schema, Directory Tree, ACIs, replication and different bind methods.  The applicant should be able to create LDIF files to perform changes to add/modify and delete entries and know how to perform LDAP command line queries.   The directory servers that will be used are Oracle and PING but in-depth experience of any LDAP server is more valuable than superficial knowledge of a specific product.   Experienced gained using Active Directory is also acceptable provided the applicant has the required level of Unix skills.
  • Unix – Linux experience, preferably in RHEL 6/7.   Experience with other versions of Unix, especially Solaris or AIX is beneficial as is understanding Pluggable Authentication Modules (PAM) configurations for unix authentication.  Experience with RPM or other Unix packaging is also required.
  • Programming/Scripting – The applicant  will be expected to create software solutions and  automate processes/deployment wherever possible.  Hence,  must have experience of programming or script writing in at least in one language.  This will preferably include Bourne/KSH Shell Scripting and either Perl, Python or Java but other programming languages will also be considered.  Source code control – experience with Bitbucket/Git will be useful.  
  • Documentation:  Must document all deliverables (preferably in Confluence).  The document should cater to self and other third parties, and must cover all aspects of a development/solution cycle i.e requirements, design, testing, implementation/deployment  and troubleshooting

Soft Skills:

  • Self-motivated and capable of working in globally distributed environment with minimal supervision.
  • Attitude for taking accountability and ownership of tasks.
  • Be open to learn and adopt new technologies.
  • High standard of accuracy and detail in a highly controlled environment where critical infrastructures are being designed and built.


Job Family Group:



Job Family:

Systems & Engineering


Time Type:

Full time


Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting