The Development Administration Analyst plays a pivotal role in bridging the gap between application development and enterprise technology risk and control frameworks. This position is designed to streamline application management processes, acting as a crucial partner and delegate for Application Managers to reduce their administrative burden. This role requires a unique blend of technical acumen and process expertise to navigate the complexities of application governance in a large, regulated enterprise, including the management of third-party vendor applications.
The analyst will act as a "pseudo Application Manager," possessing excellent communication and stakeholder management skills. The core mission is to proactively manage administrative and compliance tasks, identify process improvement opportunities, and ensure development teams can operate efficiently while adhering to the highest standards of risk management and control.
Key Responsibilities:
The responsibilities of this role are a strategic blend of administrative, compliance, and technical duties, with a strong focus on facilitating complex enterprise processes:
Application Lifecycle & Governance Support:
Act as a delegate for Application Managers to navigate key institutional processes for a portfolio of applications.
Coordinate, prepare, and track requests within internal governance and IT Service Management (ITSM) platforms for critical lifecycle events, including new application onboarding, inter-departmental application transfers, and infrastructure capacity requests.
Manage application metadata and ensure its accuracy within the central Application Portfolio Management (APM) system, reflecting the correct risk posture, data classification, and ownership.
Risk & Control Process Facilitation:
Proactively manage the administrative execution of the firm's risk and control framework, ensuring adherence to performance metrics and timely task completion.
Serve as a liaison between development teams, Application Managers, and control groups (e.g., Information Security, Enterprise Architecture).
Facilitate and track submissions for technology risk and control assessments and requests for using non-standard or restricted technologies.
Ensure all necessary architecture sign-offs (e.g., for cloud environment onboarding) are completed on schedule by coordinating with the relevant stakeholders.
Vendor & Third-Party Management Support:
Act as a primary administrative point of contact between internal technical teams and external software vendors.
Coordinate the third-party risk assessment process for new and existing vendors, working alongside Information Security, Procurement, and Legal teams.
Facilitate technical support sessions with vendors to troubleshoot application issues, and coordinate the deployment of vendor-supplied patches, upgrades and compliance.
Maintain clear and accessible documentation for vendor contracts, support procedures, and key contacts.
Security & Compliance Administration:
Collaborate with Information Security Officers and development teams to document and track compliance with key security requirements.
Support the coordination of Application Vulnerability Assessments (AVA) and penetration testing, and monitor the remediation of identified findings in vulnerability management tools (e.g., Blackduck, Snyk, Checkmarx).
Assist in the management and maintenance of the application's Software Bill of Materials (SBOM) to ensure all third-party components are licensed, secure, and compliant.
Knowledge Management & Process Automation:
Develop and maintain comprehensive knowledge maps identifying key stakeholders, processes, and contacts for specific applications and Lines of Business (LOBs).
Create and refine knowledge bases for repeatable administrative and compliance tasks to drive efficiency and consistency.
Identify and implement automation opportunities for repetitive tasks, such as evidence collection for audits or status report generation.
Reporting and Communication:
Generate and distribute clear and concise status reports to keep Application Managers and other stakeholders informed of progress, potential risks, and upcoming deadlines related to compliance and administrative tasks.
Qualifications:
2+ years of IT experience, with a minimum of 3+ years in a relevant Application Development, Production Support, or DevOps role.
Demonstrable experience navigating large, complex enterprise environments with formal risk and control processes.
Experience supporting the management of vendor-supplied applications, including coordinating with third-party support and internal risk assessment teams, is highly desirable.
Excellent communication skills and a proven ability to liaise with a large number of diverse stakeholders, from technical developers to senior managers.
Strong understanding of the full Software Development Lifecycle (SDLC) process, modern DevOps/DevSecOps principles, and system architecture.
Exceptional ability to plan, organize, and manage a demanding workload, with the capacity to adjust quickly to changing priorities.
Experience in the Capital Markets or a similar regulated financial domain is a significant advantage.
Required Technical Skills:
Jira or equivalent agile tracking tool.
Microsoft Excel (Intermediate to Expert) for data analysis and reporting.
Preferred Technical Skills:
Experience with Project Management tools.
Foundational knowledge of ITIL concepts.
Familiarity with DevSecOps toolchains (e.g., Blackduck, Snyk, Checkmarx).
Experience with IT Service Management platforms (e.g., ServiceNow) and low-code automation tools.
Education:
Bachelor's degree/University degree or equivalent experience.
------------------------------------------------------
Job Family Group:
Technology------------------------------------------------------
Job Family:
Applications Development------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Primary Location Full Time Salary Range:
$79,320.00 - $110,680.00------------------------------------------------------
Most Relevant Skills
Please see the requirements listed above.------------------------------------------------------
Other Relevant Skills
For complementary skills, please see above and/or contact the recruiter.------------------------------------------------------
Automated Processing and AI
We use automated processing, including artificial intelligence, for our legitimate business interests (or our reasonable and appropriate business purposes) to identify and align the candidate's skills and abilities with a specific job opening. Additionally, if you so choose, or consent, we can match your skills and abilities to other suitable roles at Citi.
Importantly, all our hiring processes and decisions, including determining your suitability for a role, are conducted, checked, and decided by individuals. Our automated processing and AI do not involve relying on automatic or autonomous decision-making. Please refer to any Jurisdictional Considerations, with specific provisions for your country (where relevant) for further details.
------------------------------------------------------
This job opening is for an existing job vacancy.
------------------------------------------------------
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.
If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View Citi’s EEO Policy Statement and the Know Your Rights poster.