Application Penetration Tester - AVP (Hybrid)

Citi

2mo ago

  • Job
    Full-time
    Senior Level
  • Software Engineering
    IT & Cybersecurity
  • Pune

AI generated summary

  • You need 5-8 years in application penetration testing, expertise with tools like Burp Suite, knowledge of OWASP Top 10, scripting skills (Python), and strong communication and analytical abilities.
  • You will conduct application security reviews, advise stakeholders on remediation strategies, present findings, and identify process improvements and automation opportunities in security practices.

Requirements

  • 5-8 years of relevant experience
  • Penetration Testing with expertise in application security.
  • Hands-on experience using security tools (Burp Suite, AppScan, WebInspect, Qualys, etc.).
  • Knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling, Open Source Reconnaissance.
  • Knowledge of scripting languages for automation (preferably Python).
  • Knowledge of application architecture, design and functionalities
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience

Responsibilities

  • Act as a subject matter expert in offensive information security performing grey and black box application reviews, programming, networking, operating systems, and databases.
  • Drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and countermeasures.
  • Have strong technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience.
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation.

FAQs

What is the job title for this position?

The job title is Application Penetration Tester - AVP (Hybrid).

What kind of experience is required for this role?

The role requires 5-8 years of relevant experience, specifically in penetration testing with a focus on application security.

What technical skills are necessary for this position?

Necessary technical skills include hands-on experience using security tools (like Burp Suite, AppScan, WebInspect, Qualys), knowledge of OWASP Top 10, scripting languages for automation (preferably Python), and an understanding of application architecture and functionalities.

Are there any certifications that are required or preferred for this role?

While not mandatory, candidates must have or be willing to obtain industry-accredited security certifications such as GIAC GWAPT, GPEN, OSCP, or CISSP.

What types of applications will the penetration testing team work on?

The penetration testing team will conduct vulnerability assessments on various Citi applications, including Web, Mobile, Thick Client, and APIs.

What are the core responsibilities of this position?

Core responsibilities include acting as a subject matter expert in offensive security, driving remediation efforts, reporting and articulating vulnerability assessment results, and contributing to process improvement and automation.

What level of education is required for this position?

A Bachelor’s degree or equivalent experience is required for this position.

How important are communication skills for this role?

Strong communication skills, both written and verbal, are essential for reporting and articulating vulnerability assessment results to various audiences.

Is Citi an equal opportunity employer?

Yes, Citi is an equal opportunity and affirmative action employer, and qualified applicants will receive consideration without regard to various protected statuses.

What is the job family group for this position?

The job family group for this position is Technology, with a focus on Information Security.

Industry: Finance
Employees: 10,001+
Founded Year: 1998

Mission & Purpose

Citigroup Inc., or Citi, is an American multinational investment bank and financial services corporation headquartered in New York City. Citi's mission is to provide financial services that enable growth and economic progress. Its core activities are safeguarding assets, lending money, making payments and accessing the capital markets.

Benefits

  • Live Well, Stay Healthy

    Citi provides programs and services for your physical and mental well-being including access to telehealth options, health advocates, confidential counseling and more. Coverage varies by country.

  • Paid parental leave

    We believe all parents deserve time to adjust to parenthood and bond with the newest members of their families. That’s why in early 2020 we began rolling out our expanded Paid Parental Leave Policy to include Citi employees around the world.

  • Save well, for now and your future

    We empower our employees to manage their financial well-being and help them plan for the future.

  • Keep learning

    Citi provides access to an array of learning and development resources to help broaden and deepen your skills and knowledge as your career progresses.

  • Be well, take time off

    We have a variety of programs that help employees balance their work and life, including generous paid time off packages.

  • Support Your Community

    We offer our employees resources and tools to volunteer in the communities in which they live and work. In 2019, Citi employee volunteers contributed more than 1 million volunteer hours around the world.