Citi Group Vulnerability Assessment Analyst Hybrid 

United States, Florida, Tampa 

420481171

Overview of the Role

The primary focus of this role is to coordinate vulnerability assessment engagements with our stake holders and liaise with our Internal and external partners. This role requires someone with strong technical, organizational, and management skills to maintain an active presence throughout the lifecycle of a vulnerability assessment engagement.

Responsibilities:

Core responsibilities and Traits include:

• Liaise between clients and the testing team, to coordinate engagements and ensure the collection of testing artifacts.

• Act as an application security subject matter expert to assist both businesses and ethical hack partners during vulnerability discussions.

• Demonstrate Technical, analytical thought process—the ability to identify cause and effect relationships as it applies to application security and Citi standards.

• Understanding of API security and practical experience with relevant API tools

• Knowledge ofOWASP top 10 and SANs top 25

• Conduct 3rd party vendor report reviews against Citi’s procedures and reporting guidelines to assess their application security posture.

• Effective time management skills in order manage multiple concurrent deadlines.

• Have strong technical writing and presentation skills to articulate the vulnerability assessment process to senior stakeholders.

• Review internal processes and activities to identify potential opportunities for improvement and automation.

• Create various oversight activity reports to maintain high operational standards and establish further efficiencies

Qualifications:

• Bachelor's Degree and/or relevant years of experience

• 5 + years of experience in Cyber Security and/or relevant Technology role.

• Hands-on application security testing

• problem-solve in a fast-paced environment, understand client requests, provide guidance to Citi businesses to ensure that the vulnerability assessment is conducted swiftly, and participate in technical discussions with stakeholders.

Relevant Certifications is a plus not a requirement :GPEN, GWAPT, GMOB, GWEB

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the