In this role you will get a chance to work in a unique environment with diverse technology implementations. Personal development is important, all of our analysts acquire and maintain industry-accredited security certifications (the candidate must have or be willing to obtain the following ones) – GIAC, GDAT, GXPN, GWAPT, GPEN, GCIH, OSCP, OSCE, CREST, GMOB and CEH.
What you will do:
- Providing vulnerability assessment and penetration testing services to Citi businesses globally through a comprehensive testing process.
- Identifying weaknesses and vulnerabilities within the system and proposing countermeasures.
- Testing of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standards.
- Reporting information security vulnerabilities to businesses and vendors.
- Subject matter expert in offensive information security including databases, networking, operating systems, applications, and programming.
- Active collaboration with defensive (Blue) teams, participating and leading purple team exercises.
Your profile:
- Have at least 4-6 years working experience in a relevant role. Confident in penetration testing / ethical hacking.
- A basic understanding of web application and infrastructure security is a must .
- Bachelor’s degree/University degree or equivalent experience.
- Penetration testing (application and/or infrastructure).
- Being familiar with reverse engineering and exploit development techniques.
- Identifying, researching, validating, and exploiting various different known and unknown security vulnerabilities on server and client side.
- Exploitation frameworks, e.g. Cobalt strike, PoshC2, Metasploit, Core Impact, etc.
- Social Engineering campaigns, e.g. phishing, vishing, SET
- Deep understanding of OSI model.
- Security devices, e.g. Firewalls, VPN, AAA systems.
- OS Security, e.g. Unix, Windows, mainframes.
- Understanding of common protocols, e.g. LDAP, SMTP, DNS, Routing Protocols.
- Web application infrastructure, e.g. Application Servers, Web Servers, Databases.
- Knowledge and experience with MITRE ATT&CK framework.
By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:
- Cafeteria Program
- Home Office Allowance (for colleagues working in hybrid work models)
- Paid Parental Leave Program (maternity and paternity leave)
- Private Medical Care Program and onsite medical rooms at our offices
- Pension Plan Contribution to voluntary pension fund
- Group Life Insurance
- Employee Assistance Program
- Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
- Flexible work arrangements to support you in managing work - life balance
- Career progression opportunities across geographies and business lines
- Socially active employee communities with diverse networking opportunities
Information Security
Time Type:
Full timeView the " " poster. View the .
View the .
View the