Senior Lead AI Security Specialist

About Citi

Citi, the leading global bank, has approximately 200 million customer accounts and operates in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. Our Technology & Business Enablement teams are charged with a mission that rivals any large tech company. Our technology solutions underpin everything we do. We keep the bank safe and provide the technical tools our workers need to succeed. We design our digital architecture and ensure our platforms provide a first-class customer experience.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

At Citi, trust is paramount, and safeguarding our customer data is a core commitment. The Chief Information Security Office (CISO) is comprised of dedicated professionals focused on ensuring the safety of Citi's and its clients' assets and information. We manage information security as an end-to-end program, grounded in modern control and security frameworks, fully aligned with firm technology, and driven by threat intelligence and data. Our global security program is deeply integrated across all Citi businesses.

The Advanced Penetration Testing and Research team, a vital component of Citi's Cyber Security Operations, provides critical security testing services that enable rapid and secure delivery of solutions to our customers.

The Senior Lead AI Security Specialist is a pivotal cross-functional role responsible for leading in-depth analysis and research into new vulnerabilities and exploits, and for identifying systemic issues within mission-critical Citi applications. Leveraging advanced AI development skills, this role will design, develop, and implement cutting-edge AI-powered tools and solutions to significantly enhance vulnerability assessment and penetration testing capabilities.

We are seeking an innovative, analytical thinker, a collaborative team player, and an effective communicator capable of bridging intricate business, technology, and security requirements. The ideal candidate possesses a deep understanding of modern software development frameworks, AI technologies, complex enterprise architectures, and proactively stays abreast of the evolving cyber security threat landscape.

• Perform in-depth analysis and research of new vulnerabilities and exploits. Demonstrate the impact through the development of proof-of-concept code.
• Act as a subject matter expert in offensive information security, application pentesting, networking, operating systems, and databases.
• Research and identify potential security issues within Citi Applications.
• Drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and countermeasures.
• Contribute to the architecture, design, and development of advanced AI tooling to assist with vulnerability detection and code analysis.
• Collaborate with cross-functional teams to integrate AI capabilities into existing security tools and processes.
• Design and implement user-friendly interfaces and workflows for AI-powered security tools.
• Conduct thorough testing and evaluation of AI models and tools to ensure accuracy, reliability, and effectiveness.
• Communicate results clearly (written and verbal) to stakeholders.
• Review internal tools and testing processes within the Application Security space and identify opportunities for improvement and automation.
• Mentor and guide junior security analysts and teams.

• 10 years of professional experience in Information Security or Cybersecurity, specifically in vulnerability discovery, analysis, exploitation, manual application penetration testing, and threat modeling.
• Multiple years of experience in an Artificial Intelligence (AI) Development role focusing on developing AI-powered security applications, with hands-on experience in AI technologies such as Large Language Models (LLMs), Agentic AI Architecture, Retrieval Augmented Generation (RAG) integrations, and frameworks like LangChain, PyTorch, or TensorFlow.
• Demonstrated experience in vulnerability discovery, analysis, and exploitation; comfortable with manual application penetration testing and threat modeling.
• Passion for security research, evidenced by published work, community participation, or security community contributions.
• Understand CVEs and reproduce proof-of-concept exploits easily.
• Experience developing AI-powered security tools and applications, preferably in the security domain.
• Hands-on experience with security tools such as BurpSuite, AppScan, WebInspect, SoapUI, Qualys, Checkmarx, BlackDuck, Snyk, Nessus, NMAP.
• Deep knowledge of common application security standards such as OWASP Top 10, CWE / SANS Top 25.
• Excellent problem-solving skills and the ability to work in a fast-paced environment.
• Effective communication skills to articulate complex security issues to technical and non-technical stakeholders.
• Industry security certifications or willingness to obtain them (e.g., GIAC GWEB, GWAPT, GMOB, GPEN, GXPN, OSCP, OSWE, CISSP, AI/ML certifications).
• Experience with AI-related technologies (LLMs, Agentic AI, RAG integrations, LangChain, PyTorch, TensorFlow, Haystack, etc.).
• Contributions to open-source AI or security projects are a plus.
• Strong understanding of applications architectures (Microservices, REST APIs, SOA, MVC), development methodologies (Agile, DevOps, Waterfall), languages (Java, .NET/C#, C/C++, Python, Ruby), frameworks (Spring, Struts, AngularJS, NodeJS), and infrastructure (web/app servers, databases, cloud deployment, SaaS/PaaS/IaaS).
• Education: Bachelor’s degree in Computer Science, Cyber Security, Artificial Intelligence, or related fields; Master’s degree preferred.

Bachelor’s degree in Computer Science, Cyber Security, Artificial Intelligence, or related fields. Master’s Degree preferred.

About Citi may be found at | Twitter : | YouTube : | Blog : | Facebook : | LinkedIn : .

Job Family Group: Technology

Job Family: Information Security

Time Type: Full time

Primary Location: Fort Lauderdale, Florida, United States

Primary Location Full Time Salary Range: $145,000 - $218,000

In addition to salary, Citi’s offerings may include discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages including vacation, sick leave, and holidays. For additional information regarding Citi employee benefits, please visit. Availability may vary by jurisdiction, job level, and date of hire.

Anticipated Posting Close Date: Oct 31, 2025