Citi Group Penetration Tester 

Hungary 

304284140

What you will do:

• Active collaboration with defensive (Blue) teams, participating and leading purple team exercises.
• Perform adversary emulation exercises and mimic APT actors.
• Identifying weaknesses and vulnerabilities within the system and proposing countermeasures.
• Support the internal Red Team Infrastructure development, and maintenance of the Red Network
• Testing of the overall security of critical infrastructure components and applications, provide recommendations for corrective actions.
• Reporting information security vulnerabilities to businesses and vendors.
• Providing penetration testing services to Citi businesses globally through a comprehensive testing process.
• Work with industry leading technologies and products.

Your profile:

• Have at least 2-4 years working relevant experience and at least a Bachelor's Degree.
• A basic understanding of web application and infrastructure security is a must.

The candidate is expected to alreadybe familiar withthe majority of the below tools:

• Identifying, researching, validating, and exploiting various known and unknown security vulnerabilities on server and client side.
• Exploitation frameworks, e.g. Metasploit, Cobalt Strike, Sliver, Core Impact, etc.
• Social Engineering campaigns, e.g. email phishing, phone calls, SET.
• Vulnerability Assessment tools, e.g. Nessus, Qualys, etc.
• Penetration testing (application and/or infrastructure).
• Deep understanding of OSI model.
• Security devices, e.g. Firewalls, VPN, AAA systems.
• OS Security, e.g. Unix, Linux, Windows, Cisco, etc.
• Understanding of common protocols, e.g. LDAP, SMTP, DNS, Routing Protocols.
• Web application infrastructure, e.g. Application Servers, Web Servers, Databases.

The following requirements
are a plusas we are willing to invest in training and development in the security and vulnerability space:

• Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures.
• Experience using open source and vendor vulnerability assessment tools.
• Understanding enterprise networks.
• Being familiar with reverse engineering techniques.

In this role you will get a chance to work in a unique environment with diverse technology implementations. Personal development is important, all of our analysts acquire and maintain industry-accredited security certifications (the candidate must have or be willing to obtain the following ones) – GIAC, GDAT, GXPN, GWAPT, GPEN, GCIH, OSCP, OSCE, CREST, GMOB and CEH.

By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:

• Cafeteria Program
• Home Office Allowance (for colleagues working in hybrid work models)
• Paid Parental Leave Program (maternity and paternity leave)
• Private Medical Care Program and onsite medical rooms at our offices
• Pension Plan Contribution to voluntary pension fund
• Group Life Insurance
• Employee Assistance Program
• Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
• Flexible work arrangements to support you in managing work - life balance
• Career progression opportunities across geographies and business lines
• Socially active employee communities with diverse networking opportunities

Time Type:

View the " " poster. View the .

View the .

View the