Finding the best job has never been easier
Share
Responsibilities:
Design and develop adversary emulation exercises (internal, vendor driven, and regulatory)
Developing and applying documentation, processes, and procedures to a program
Experience leveraging advanced exploits within an environment
Conducting Vulnerability Assessments and Penetration Testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience
Identifying, researching, validating, and exploiting various, known, and unknown security vulnerabilities on the server and client side
Red Team testing tools. e.g., Cobalt Strike, Red Team Toolkit.
Vulnerability Assessment tools. e.g., Nessus, Qualys, etc
Exploitation frameworks, e.g., Metasploit, CANVAS, Core Impact
Social Engineering campaigns. e.g. email phishing, phone calls, SET
Deep understanding of OSI model
Security devices, i.e. Firewalls, VPN, AAA systems
OS Security. e.g. Unix/Linux, Windows, OSX
Understanding of common protocols. e.g. HTTP, LDAP, SMTP, DNS
Web application infrastructure. e.g. Application Servers, Web Servers, Databases
Web development and programming languages. e.g. Python, Perl, Ruby, Java, .Net
Direct the development and delivery of secure solutions by coordinating with business and technical contacts
Appropriately assess risk when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
Qualifications:
7+ years of relevant experience
Proven experience with scripting and programming languages preferred
Proven experience working with regulatory red team frameworks (World wide)
Advanced Microsoft Office skills preferred
Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations
Advanced analytical and problem solving skills
Consistently demonstrates clear and concise written and verbal communication
Certifications if possible PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA, or CISSP.
Proficient in interpreting and applying policies, standards and procedures
Demonstrated ability to remain unbiased in a diverse working environment
Education:
Bachelor’s degree/University degree or equivalent experience
Master’s degree preferred
Time Type:
View the " " poster. View the .
View the .
View the
These jobs might be a good fit