Are you interested in growing your career in Cyber Security?
Whether you are an application developer looking to make the switch into the challenging, yet rewarding, world of information security, or you are an elite white-hat hacker, Citi is the place for you. Our team of world class, talented individuals, who are passionate about security, put their skills to the test every day on a global scale. At Citi, you will be exposed to all sorts of technologies on enterprise-scale, so hunger for knowledge and research is greatly appreciated and rewarded.
If your background is enterprise software development with expertise in technologies such as: Java/J2EE (Spring, Struts, AngularJS), .NET (ASP.NET, C#, Webflow, MVC, WebAPI), Web Applications, REST/SOAP APIs/Web Services, Mobile Applications, Thick Clients, Application Infrastructure (Web/Application Servers, Databases, Middleware Components), and exciting new frontiers like Microservices Architecture based applications running on containers/cloud (Google Cloud Platform, AWS, Azure), or Blockchain implementations, then our application penetration testing team is the right place for you!
If your background is penetration testing with expertise in application security such as: hands-on ethical hacking using security tools (BurpSuite, AppScan), knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling, understanding application architecture, design and functionalities with an interest in performing security reviews of diverse and challenging applications, then our application penetration testing team is the right place for you!
This team specializes in conducting various types of vulnerability assessments (full end-to-end white-box and/or grey-box testing) on a variety of Citi applications (Web, Mobile, Thick Client, and APIs) by manually identifying, researching, validating, and exploiting various known and unknown application security vulnerabilities. Core responsibilities include: