Application Penetration Tester (Assistant Vice President)

Whether you’re at the start of your career or looking to discover your next adventure, your story begins here. At Citi, you’ll have the opportunity to expand your skills and make a difference at one of the world’s most global banks. We’re fully committed to supporting your growth and development from the start with extensive on-the-job training and exposure to senior leaders, as well as more traditional learning. You’ll also have the chance to give in and make a positive impact where we live and work through volunteerism.

Citibank serves as a trusted advisor to our retail, mortgage, small business and wealth management clients at every step of their financial journey. Through Citi's Access Account, Basic Banking, Citi Priority, Citigold and Citigold Private Client, we offer an array of products, services and digital capabilities to clients across the full spectrum of consumer banking needs worldwide.

We’re currently looking for a high caliber professional to join our team as AVP Application Penetration Tester based in Singapore. Being part of our team means that we’ll provide you with the resources to meet your unique needs, empower you to make healthy decisions, and manage your financial well‑being to help plan for your future. For instance:

If your background is penetration testing with expertise in application security such as hands‑on ethical hacking using security tools (Burp Suite, AppScan and etc.), knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling, understanding application architecture, design and functionalities, then our application penetration testing team is the right place for you!

• Act as a subject matter expert in offensive information security performing grey and black box application reviews, programming, networking, operating systems, and databases.
• Drive remediation by outlining a defense‑in‑depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter‑measures.
• Have strong technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience.
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation.
• Must have or be willing to obtain Industry‑accredited security certifications such as: GIAC GWAPT, GPEN, OSCP, CISSP.

An ideal candidate will have a strong foundation in information security and experience in application vulnerability assessment. However, irrespective of your current role, if you have a Bachelor’s Degree with a minimum of 2 years of experience and meet most of the above listed requirements, then don’t miss this opportunity to join our growing team of expert ethical hackers. Apply today!

#LI-Hybrid

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, view Citi’s Accessibility at Citi. View Citi's EEO Policy Statement and the Know Your Rights poster.