Citi · 6 hours ago
Senior Application Security Analyst - Vice President
Irving, TX
Full-time
Onsite
Mid, Senior Level
$126K/yr - $189K/yr
6+ years expCiti, the leading global bank, is seeking a Senior Application Security Analyst to join their Cyber Security team. This role involves conducting deep-dive penetration testing assessments on various Citi applications and providing strategic solutions to enhance security measures. The ideal candidate will act as a subject matter expert in offensive information security and contribute to improving internal processes.
BankingFinanceFinancial Services
Responsibilities
Act as a subject matter expert in offensive information security, application pentesting, networking, operating systems, and databases
Research and identify potential security issues within Citi Applications
Demonstrate the impact of any identified vulnerability through the development of proof-of-concept code
Drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter measures
Have strong technical writing and presentation skills to report and articulate the vulnerability assessment results to any audience
Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation
Qualification
Required
6-10 years of experience in an engineering role
Minimum of 3-5 years of experience in a penetration testing or application development role
Strong understanding of a variety of application architectures (Microservices, REST APIs, SOA, MVC), software development methodologies (Agile, DevOps, Waterfall), programming/scripting languages (Java, .NET/C#, C/C++, Python, Ruby), development frameworks (Spring, Struts, AngularJS, NodeJS), and application infrastructure (web/app servers, middleware components, databases, public/private/hybrid cloud deployment, cloud service models - SaaS/PaaS/IaaS)
Hands on knowledge and experience in a subset of the following tools: BurpSuite Proxy, AppScan, WebInspect, CheckMarx, BlackDuck, Snyk, Nessus, NMAP
Must have or be willing to obtain Industry-accredited security certifications such as: GIAC GWEB, GWAPT, GMOB, GPEN, GXPN, OSCP, OSWE, CISSP
Deep knowledge of common application security related industry standards such as OWASP Top 10, CWE/SANS Top 25
Demonstrated experience in vulnerability discovery, analysis, and exploitation
Understand CVEs and should be able to reproduce proof-of-concept easily
Comfortable with manual application penetration testing and threat modeling
Prior experience with application development and performing manual code review is a plus
Master's Degree in Computer Science, Cyber Security or related field
Bachelor's Degree in Computer Science, Cyber Security or related field
Benefits
Medical, dental & vision coverage
401(k)
Life, accident, and disability insurance
Wellness programs
Paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
Company
Citi
Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress.
10001+ employees
H1B Sponsorship
Citi has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1386)
2024 (849)
2023 (1375)
2022 (1117)
2021 (876)
2020 (901)
Funding
Current Stage
Late StageLeadership Team
James Monahan
Managing Director / Global Head of Asset Servicing
Naveed Sultan
Managing Director, Chairman, Institutional Clients Group
Recent News
2026-01-20
2026-01-15
Company data provided by crunchbase