Experience Inc. Jobs

Citi's Vulnerability Assessments (VA) is responsible for providing Vulnerability Assessment services to all Citi businesses and technology teams globally. The duties of a VA analyst will include manual and automated testing through a defined testing process. The analyst will be identifying weaknesses and vulnerabilities within the Citi infrastructure and applications. Recommend countermeasures to business contacts and developers to resolve identified issues during ethical hacking. Commercial and open source vulnerability assessment tools/utilities are leveraged during these assessments.

In this role you will get a chance to work in a unique environment with diverse technology implementations. Personal development is important, all of our analysts acquire and maintain industry-accredited security certifications (the candidate must have or be willing to obtain the following ones) – GIAC, GDAT, GXPN, GWAPT, GPEN, GCIH, OSCP, OSCE, CREST, GMOB and CEH.

What you will do:

• Providing vulnerability assessment and penetration testing services to Citi businesses globally through a comprehensive testing process.

• Identifying weaknesses and vulnerabilities within the system and proposing countermeasures.

• Testing of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standards.

• Reporting information security vulnerabilities to businesses and vendors.

• Subject matter expert in offensive information security including databases, networking, operating systems, applications, and programming.

• Active collaboration with defensive (Blue) teams, participating and leading purple team exercises.

Your profile:

• Have at least 4-6 years working experience in a relevant role. Confident in penetration testing / ethical hacking.

• A basic understanding of web application and infrastructure security is a must .

• Bachelor’s degree/University degree or equivalent experience.

The candidate is expected to already be familiar with the majority of the below tools:

• Penetration testing (application and/or infrastructure).

• Being familiar with reverse engineering and exploit development techniques.

• Identifying, researching, validating, and exploiting various different known and unknown security vulnerabilities on server and client side.

• Exploitation frameworks, e.g. Cobalt strike, PoshC2, Metasploit, Core Impact, etc.

• Social Engineering campaigns, e.g. phishing, vishing, SET

• Deep understanding of OSI model.

• Security devices, e.g. Firewalls, VPN, AAA systems.

• OS Security, e.g. Unix, Windows, mainframes.

• Understanding of common protocols, e.g. LDAP, SMTP, DNS, Routing Protocols.

• Web application infrastructure, e.g. Application Servers, Web Servers, Databases.

• Knowledge and experience with MITRE ATT&CK framework.

The following requirements are a plus as we are willing to invest in training and development in the security and vulnerability space:

• Purple teaming and Enterprise security standard testing.

• Conducting application vulnerabilities assessments and articulating security issues to technical and non-technical audience.

• Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures.

• Experience using open source and vendor vulnerability assessment tools.

• Background in a similar role.

• Understanding enterprise networks.

• Being familiar with reverse engineering techniques.

What we can offer you:

By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:

• Cafeteria Program

• Home Office Allowance (for colleagues working in hybrid work models)

• Paid Parental Leave Program (maternity and paternity leave)

• Private Medical Care Program and onsite medical rooms at our offices

• Pension Plan Contribution to voluntary pension fund

• Group Life Insurance

• Employee Assistance Program

• Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed

• Flexible work arrangements to support you in managing work - life balance

• Career progression opportunities across geographies and business lines

• Socially active employee communities with diverse networking opportunities

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.

Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.

Job Family Group:

Technology

Job Family:

Information Security

Time Type:

Full time

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .

View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo_aa_policy.pdf) .

View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

Citi is an equal opportunity and affirmative action employer.

Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.