Penetration Tester - AVP (Hybrid)

Posted 12 Hours Ago
Be an Early Applicant
Singapore
Mid level
Fintech
The Role
As a Penetration Tester, you will prepare and execute penetration tests on infrastructure and applications, collaborate with engineering teams to address vulnerabilities, and report security issues to stakeholders, emphasizing a hands-on approach to identify and remediate security weaknesses.
Summary Generated by Built In

About the job

If you are passionate and curious about security and want to use your offensive security skills to help keep our firm’s application and infrastructure safe, we want to speak with you.

 

Who You Are

You are talented in solving problems and identifying security weaknesses, and you have experience collaborating with engineers who remediate the vulnerabilities you identified. You adapt well to changes, and speak up to ask questions to clarify when things don’t look right.

As someone with an offensive security mindset, you work closely with others to listen to ideas and share suggestions to collectively devise the best approach to remediate vulnerabilities,

continuously learn and enhance skillsets, techniques and methods.

You should have a bachelor’s degree with minimally 3 years of relevant experience. Have a good understanding of industry frameworks and methodologies such as OWASP, OSSTMM, PTES, MITRE ATT&CK, threat modeling, etc. Be certified, or intend to be certified, in accredited security certifications such as OSCP, OSWE, GXPN, GCPN, CISSP, etc.

 

What You’ll Do

As an individual contributor on our penetration testing team, you are responsible for:

· Preparing and executing penetration testing assignments on our infrastructure assets and applications

· Working closely with the engineering teams to provide expert guidance and advice on the remediation of identified vulnerabilities

· Verifying newly discovered vulnerabilities in the environment

· Reporting security vulnerabilities to businesses, clearly articulating security issues to technical and non-technical stakeholders

 

This role focuses strongly on your ability to perform manual penetration testing on infrastructure related systems and devices. To be a good fit for this role, you should be able to identify security weaknesses and vulnerabilities in various platforms, and efficiently deliver security assessment assignments.

 

What You’ll Bring

Identify vulnerabilities and zero-day exploits though various means of analysis using:

· Vulnerability assessment tools such as Nessus, Qualys, Kali Linux, AppScan, Burp Suite, etc.

· Familiar with scripting languages such as: Python

· Good knowledge of:

  • TCP/IP, IDS/IPS, firewalls, AAA systems, SSH, PKI
  • OS Security - Unix, Linux, Windows, Android/IOS
  • Common protocols - LDAP, SMTP, DNS, routing etc.
  • Web application infrastructure - application servers, web servers, databases, cloud services, containers technologies etc.

 

How You’ll Succeed

Be conscientious and consistent in identifying security vulnerabilities and working with the respective engineering teams and stakeholders to provide sound guidance and remediations. Be a team player, and a keen learner.

 

#LI-Hyrid

------------------------------------------------------

Job Family Group:

Technology

------------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

Top Skills

Python
The Company
HQ: New York, NY
223,850 Employees
Hybrid Workplace

What We Do

Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients. We have 200 years of experience helping our clients meet the world's toughest challenges and embrace its greatest opportunities. We are Citi, the global bank – an institution connecting millions of people across hundreds of countries and cities.

Similar Jobs

Motorola Solutions Logo Motorola Solutions

Technical Support Escalations Lead

Artificial Intelligence • Hardware • Information Technology • Security • Software • Cybersecurity • Big Data Analytics
Hybrid
Singapore, SGP
21000 Employees
Hybrid
Singapore, SGP
289097 Employees
Hybrid
Singapore, SGP
289097 Employees
Hybrid
Singapore, SGP
289097 Employees

Similar Companies Hiring

Capco Thumbnail
Professional Services • Generative AI • Fintech • Financial Services • Energy • Cybersecurity • Consulting
London, GB
6000 Employees
Flywire Thumbnail
Software • Payments • Fintech
Boston, MA
1200 Employees
iCapital Thumbnail
Fintech • Financial Services
New York, NY
1500 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account