Senior Application Security Analyst, VP jobs in United States

Citi · 9 hours ago

Senior Application Security Analyst, VP

Citi is a leading global bank providing a broad range of financial products and services. The Senior Application Security Analyst (VP) will serve as a subject matter expert within Citi’s Cybersecurity organization, supporting Application Security Programs by performing manual source code reviews and guiding stakeholders on secure coding practices.

Banking, Finance, Financial Services
H1B Sponsor Likely

Responsibilities

Perform static application security testing (SAST) and manual source code reviews (Java-focused) to identify vulnerabilities, malicious code, and hardcoded secrets
Review and validate automated scan results, prioritize remediation based on risk, and provide actionable guidance
Develop custom detection rules for secrets and malicious code
Collaborate with development teams to ensure timely remediation and promote secure coding and secrets management best practices
Design and implement AI/ML-driven utilities to enhance code analysis and automate detection of secrets and vulnerabilities
Prepare formal security assessment reports using standard templates
Research emerging threats, tools, and methodologies to continuously improve detection capabilities
Mentor junior team members and contribute to knowledge sharing within the security organization

Qualification

SAST, Java development, Application security principles, DevSecOps practices, Secrets management, SAST tools, AI/ML concepts, .NET, Python, C#, JavaScript, DAST, Fortify, Snyk, Burp Suite, OWASP, SANS training, Mentoring

Required

6+ years of experience in secure software development or SAST
Strong understanding of application security principles, common vulnerabilities (OWASP Top 10, CWE), and secure coding practices
Hands-on development experience in Java/J2EE (required); experience with other enterprise languages such as C#, .NET, Python, or JavaScript is a plus
Familiarity with DevSecOps practices, CI/CD pipelines, and integrating security tools into the SDLC
Experience with SAST tools (e.g., Fortify, Checkmarx) and manual code review techniques
Knowledge of secrets management best practices and detection tools
Exposure to AI/ML concepts for security automation is a plus
Bachelor's degree or equivalent experience in Computer Science, Information Security, or a related field

Preferred

Secrets Scanning and secrets management best practices
DevSecOps principles and CI/CD integration
AI/ML skills for security automation
Experience with .NET, Python, or other enterprise languages
Familiarity with security tools such as Fortify, Snyk, Burp Suite
Knowledge of DAST (Dynamic Application Security Testing) is a plus
Preferred Certifications: CSSLP, GIAC (GSSP or GWEB), or equivalent secure coding credentials. OWASP or SANS secure coding training is a plus

Benefits

Medical, dental & vision coverage
401(k)
Life, accident, and disability insurance
Wellness programs
Paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays

Company

Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress.

H1B Sponsorship

Citi has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (1386)
2024 (849)
2023 (1375)
2022 (1117)
2021 (876)
2020 (901)

Funding

Current Stage
Late Stage

Leadership Team

James Monahan
Managing Director / Global Head of Asset Servicing
Naveed Sultan
Managing Director, Chairman, Institutional Clients Group
Company data provided by crunchbase