Senior Application Penetration Tester
花旗DazhouUpdate time: August 21,2019
Job Description
达州市

Are you interested in growing your career in Cyber Security?

Whether you’re an application developer looking to make the switch into the challenging, yet rewarding, world of information security, or you’re a rock star white-hat hacker, Citi is the place for you. Our team of world class, talented individuals, who are passionate about security, put their skills to the test every day on a global scale. At Citi you’ll be exposed to all sorts of technologies, so hunger for knowledge and research is greatly appreciated and rewarded.

If your background is enterprise software development with expertise in technologies such as: Java/J2EE (Spring, Struts, AngularJS), .NET (ASP.NET, C#, Webflow, MVC, WebAPI), Application Infrastructure (Web/Application Servers, Databases, Middleware Components), and exciting new frontiers like Cloud Computing (Google Cloud Platform, AWS, Azure) running Microservices Architecture based applications on containers, then our application penetration testing team is the right place for you!

If your background is penetration testing with expertise in application security such as: hands-on ethical hacking using security tools (Burp Suite, AppScan), knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling, understanding application architecture, design and functionalities with an interest in performing code reviews, then our application penetration testing team is the right place for you!

This team specializes in conducting deep-dive vulnerability assessments on a variety of Citi applications (Web, Mobile, Thick Client, and APIs) by manually identifying, researching, validating, and exploiting various known and unknown application security vulnerabilities. Core responsibilities include:

  • Act as a subject matter expert in offensive information security performing white-box application reviews, programming, networking, operating systems, and databases.
  • Drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter measures.
  • Have strong technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience.
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation.
  • Must have or be willing to obtain Industry-accredited security certifications such as: GIAC GWAPT, GPEN, OSCP, CISSP, GSSP-Java, and/or GSSP-.NET

An ideal candidate will have both a development and security background. However, irrespective of your current role, if you have a Bachelor’s Degree with 6-10 years of experience and meet most of the above listed requirements, then don't miss this opportunity to join our growing team of expert ethical hackers. Apply today!

-

Grade :All Job Level - All Job FunctionsAll Job Level - All Job Functions - US

-

Time Type :Full time

-

Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity CLICK HERE.

To view the "EEO is the Law" poster CLICK HERE. To view the EEO is the Law Supplement CLICK HERE.
To view the EEO Policy Statement CLICK HERE.
To view the Pay Transparency Posting CLICK HERE.

Get email alerts for the latest"Senior Application Penetration Tester jobs in Dazhou"