Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

Citi Group Vulnerability Assessments Analyst - Red Team AVP C12 
United States, Florida, Tampa 
775214411

03.12.2024

Share

Log in to apply

experience in the following:Responsibilities:

  • Support Citi’s Red, Blue, and Purple Teams during the execution of offensive security assessment operations
  • Participate in advanced exploitation operations against a large global enterprise, including Red and Purple Team operations
  • Identify opportunities to automate and standardize information security controls and for the supported groups
  • Resolve any vulnerabilities or issues detected in an application or infrastructure
  • Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
  • Scan and analyze applications with automated tools, and perform manual testing if necessary
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Assist the development and delivery of secure solutions by coordinating with business and technical contacts
  • Assist in assessing risk when making business decisions
  • Demonstrate particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency


Qualifications:

+ years’ experience or equivalent knowledge and exposure arewith most of the following:

  • Assisting in attack surface management
  • Leveraging the MITRE ATT&CK Framework
  • Helping to conduct Adversary Emulations or Assumed Breach Exercises
  • Familiarity with industry Adversary Emulation Frameworks like PTES, CBEST, iCAST, GFMA
  • Knowledge of tools and processes used to expose known and undocumented vulnerabilities in various different systems
  • Assisting with Purple Team Testing
  • Participation in Cyber Tiger Team operations
  • Helping with Vulnerability Assessments and Penetration Testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience
  • Identifying, researching, validating, and exploiting various different, known, and unknown security vulnerabilities on the server and client side
  • Red Team testing tools: Cobalt Strike, Red Team Toolkit, etc.
  • Vulnerability Assessment tools: Nessus, Qualys, etc.
  • Exploitation frameworks: Metasploit, CANVAS, Core Impact
  • Social Engineering campaigns: email phishing, phone calls, SET
  • An understanding of OSI model
  • Security devices: Firewalls, VPN, AAA systems
  • OS Security: Unix/Linux, Windows, OSX
  • Understanding of common protocols: HTTP, LDAP, SMTP, DNS
  • Web application infrastructure: Application Servers, Web Servers, Databases
  • Web development and programming languages: Python, Perl, Ruby, Java, .Net
  • Reporting information security vulnerabilities to the business


Education:

  • Bachelor’s degree/University degree or equivalent experience
  • Industry-accredited security certifications highly preferred but not required (e.g. PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA, or CISSP)


This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Full timeFort Lauderdale Florida United States$90,080.00 - $135,120.00


Anticipated Posting Close Date:

Dec 27, 2024

View the " " poster. View the .

View the .

View the

These jobs might be a good fit

Professional CV Builder tool from Expoint.

Get to the top of the "yes list" with a standout CV!

CREATE CV