Citi · 12 hours ago
Senior Application Security Analyst - Vice President
Irving Texas United States
Full-time
Hybrid
Mid, Senior Level
$126K/yr - $189K/yr
6+ years expCiti, the leading global bank, is seeking a Senior Application Security Analyst to join their team. The role focuses on conducting penetration testing assessments, identifying security vulnerabilities, and providing strategic solutions to enhance application security across various platforms.
BankingFinanceFinancial Services
Responsibilities
Act as a subject matter expert in offensive information security, application pentesting, networking, operating systems, and databases
Research and identify potential security issues within Citi Applications
Demonstrate the impact of any identified vulnerability through the development of proof-of-concept code
Drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter measures
Have strong technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience
Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation
Qualification
Required
6-10 years of experience in an engineering role
Minimum of 3-5 years of experience in a penetration testing or application development role
Strong understanding of a variety of application architectures (Microservices, REST APIs, SOA, MVC), software development methodologies (Agile, DevOps, Waterfall), programming/scripting languages (Java, .NET/C#, C/C++, Python, Ruby), development frameworks (Spring, Struts, AngularJS, NodeJS), and application infrastructure (web/app servers, middleware components, databases, public/private/hybrid cloud deployment, cloud service models - SaaS/PaaS/IaaS)
Hands on knowledge and experience in a subset of the following tools: BurpSuite Proxy, AppScan, WebInspect, CheckMarx, BlackDuck, Snyk, Nessus, NMAP
Must have or be willing to obtain Industry-accredited security certifications such as: GIAC GWEB, GWAPT, GMOB, GPEN, GXPN, OSCP, OSWE, CISSP
Deep knowledge of common application security related industry standards such as OWASP Top 10, CWE/SANS Top 25
Demonstrated experience in vulnerability discovery, analysis, and exploitation
Understand CVEs and should be able to reproduce proof-of-concept easily
Comfortable with manual application penetration testing and threat modeling
Prior experience with application development and performing manual code review is a plus
Master's Degree in Computer Science, Cyber Security or related field
Bachelor's Degree in Computer Science, Cyber Security or related field
Benefits
Medical, dental & vision coverage
401(k)
Life, accident, and disability insurance
Wellness programs
Paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
Company
Citi
Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress.
10001+ employees
H1B Sponsorship
Citi has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1386)
2024 (849)
2023 (1375)
2022 (1117)
2021 (876)
2020 (901)
Funding
Current Stage
Late StageLeadership Team
James Monahan
Managing Director / Global Head of Asset Servicing
Naveed Sultan
Managing Director, Chairman, Institutional Clients Group
Recent News
2026-01-20
2026-01-15
Company data provided by crunchbase