Analyst -
7 days ago
The Role:
The Vulnerability Assessments Analyst - Red Team, A VP will participate in the Adversary Emulation program by emulating cyber and criminal threat actors targeting Citi. The candidate will conduct Intelligence-led Red Team Testing and Penetration Testing targeting people, process, and technology. The candidate may also conduct regulatory driven Red Team Testing. To be successful in this role, the ideal candidate will have some experience in the following:
Responsibilities
- Support Citi's Red, Blue, and Purple Teams during the execution of offensive security assessment operations
- Participate in advanced exploitation operations against a large global enterprise, including Red and Purple Team operations
- Identify opportunities to automate and standardize information security controls and for the supported groups
- Resolve any vulnerabilities or issues detected in an application or infrastructure
- Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
- Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
- Scan and analyze applications with automated tools, and perform manual testing if necessary
- Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
- Assist the development and delivery of secure solutions by coordinating with business and technical contacts
- Assist in assess ing risk when making business decisions
- Demonstrate particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
2 + years' experience or equivalent knowledge and exposure are required with most of the following:- Assisting in attack surface management
- Leveraging the MITRE ATT&CK Framework
- Helping to conduct Adversary Emulations or Assumed Breach Exercises
- Familiarity with industry Adversary Emulation Frameworks like PTES, CBEST, iCAST , GFMA
- Knowledge of tools and processes used to expose known and undocumented vulnerabilities in various different systems
- Assisting with Purple Team Testing
- Participation in Cyber Tiger Team operations
- Helping with Vulnerability Assessments and Penetration Testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience
- Identifying , researching, validating , and exploiting various different , known, and unknown security vulnerabilities on the server and client side
- Red Team testing tools: Cobalt Strike, Red Team Toolkit, etc.
- Vulnerability Assessment tools: Nessus, Qualys, etc.
- Exploitation frameworks: Metasploit, CANVAS, Core Impact
- Social Engineering campaigns: email phishing, phone calls, SET
- An understanding of OSI model
- Security devices: Firewalls, VPN, AAA systems
- OS Security: Unix/Linux, Windows, OSX
- Understanding of common protocols: HTTP, LDAP, SMTP, DNS
- Web application infrastructure: Application Servers, Web Servers, Databases
- Web development and programming languages: Python, Perl, Ruby, Java, .Net
- Reporting information security vulnerabilities to the business
- Bachelor's degree/University degree or equivalent experience
- Industry-accredited security certifications highly preferred but not required ( e.g. PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA, or CISSP)
------------------------------------------------------
- Web development and programming languages: Python, Perl, Ruby, Java, .Net
- Web application infrastructure: Application Servers, Web Servers, Databases
- Understanding of common protocols: HTTP, LDAP, SMTP, DNS
- OS Security: Unix/Linux, Windows, OSX
- Security devices: Firewalls, VPN, AAA systems
- An understanding of OSI model
- Social Engineering campaigns: email phishing, phone calls, SET
- Exploitation frameworks: Metasploit, CANVAS, Core Impact
- Vulnerability Assessment tools: Nessus, Qualys, etc.
- Red Team testing tools: Cobalt Strike, Red Team Toolkit, etc.
- Identifying , researching, validating , and exploiting various different , known, and unknown security vulnerabilities on the server and client side
- Helping with Vulnerability Assessments and Penetration Testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience
- Participation in Cyber Tiger Team operations
- Assisting with Purple Team Testing
- Knowledge of tools and processes used to expose known and undocumented vulnerabilities in various different systems
- Familiarity with industry Adversary Emulation Frameworks like PTES, CBEST, iCAST , GFMA
- Helping to conduct Adversary Emulations or Assumed Breach Exercises
- Leveraging the MITRE ATT&CK Framework
- Assist in assess ing risk when making business decisions
- Assist the development and delivery of secure solutions by coordinating with business and technical contacts
- Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
- Scan and analyze applications with automated tools, and perform manual testing if necessary
- Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
- Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
- Resolve any vulnerabilities or issues detected in an application or infrastructure
- Identify opportunities to automate and standardize information security controls and for the supported groups
- Participate in advanced exploitation operations against a large global enterprise, including Red and Purple Team operations
Technology
------------------------------------------------------
Job Family:
Information Security
------------------------------------------------------
Time Type:
Full time
------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .
View the " EEO is the Law " poster. View the EEO is the Law Supplement .
View the EEO Policy Statement .
View the Pay Transparency Posting
-
IT Analyst
2 weeks ago
Singapore PEOPLE PROFILERS PTE. LTD. Full timeRoles & ResponsibilitiesResponsibilities:Participate in the requirement study, research, feasibility study, functional analysis and design phases, functional testing, user acceptance testing and end-user training of any new IT software development projects and/ or product development for the eldercare industry. Involve in our market-driven product design to...
-
Research Analyst
6 days ago
Singapore NTU (Nanyang Technology University- Main Office-HR) Full timeResearch Analyst / Senior Analyst (Malaysia Programme) The S. Rajaratnam School of International Studies (RSIS), a Graduate School of Nanyang Technological University (NTU), is a leading research and teaching institution in strategic and international affairs and policy think tank in the Asia-Pacific region.RSIS seeks Research Analyst/Senior Analyst for...
-
Analyst
4 weeks ago
Singapore FTI CONSULTING (SINGAPORE) PTE. LTD. Full timeRoles & ResponsibilitiesCompass Lexecon, a trading name of FTI Consulting (Singapore), is one of the world's leading economic consulting firms. We strive to recruit and develop talented people to work together to produce meaningful economic analysis of exceptional quality, and to create a positive impact on our clients and society.Our Competition Practice...
-
Country Manager
6 days ago
Singapore Investment Analyst Association, Inc. Full timeJob DescriptionCiti, a leading global financial services company, is seeking an experienced Country Manager - Facilities Operations Leader to join our team in Singapore. As a key member of our Corporate Realty Services (CRS) team, you will be responsible for managing the day-to-day operations of Citi's facilities in Singapore, ensuring that they are...
-
Singapore Investment Analyst Association, Inc. Full timeAbout the RoleWe are seeking an experienced Country Manager - Facilities Operations Leader to join our team in Singapore. As a key member of our Corporate Realty Services (CRS) team, you will be responsible for managing the day-to-day operations of Citi's facilities in Singapore, ensuring that they are well-maintained, secure, and meet the needs of our...
-
Real Estate Portfolio Manager
6 days ago
Singapore Investment Analyst Association, Inc. Full timeOverviewThe Country Manager - Facilities Operations Leader will be responsible for managing the day-to-day operations of Citi's facilities in Singapore, ensuring that they are well-maintained, secure, and meet the needs of our employees and customers. This role requires strong leadership and management skills, including the ability to motivate and direct a...
-
Corporate Realty Services Director
6 days ago
Singapore Investment Analyst Association, Inc. Full timeResponsibilities and RequirementsThe Country Manager - Facilities Operations Leader will be responsible for managing the day-to-day operations of Citi's facilities in Singapore, ensuring that they are well-maintained, secure, and meet the needs of our employees and customers. This role requires strong leadership and management skills, including the ability...
-
Analyst
3 weeks ago
Singapore INCRED GLOBAL WEALTH PTE. LTD. Full timeRoles & ResponsibilitiesWe are seeking an Analyst within our Wealth Management business. Below are the responsibilities:- To shadow Senior relationship managers and assist them in managing their clients- Monitor and review client portfolios and create process and templates which allows for ease of monitoring- Use technology to improve efficiencies in all...
-
Analyst
3 weeks ago
Singapore INCRED GLOBAL WEALTH PTE. LTD. Full timeRoles & ResponsibilitiesWe are seeking an Analyst within our Wealth Management business. Below are the responsibilities:- To shadow Senior relationship managers and assist them in managing their clients- Monitor and review client portfolios and create process and templates which allows for ease of monitoring- Use technology to improve efficiencies in all...
-
Business Analyst
4 weeks ago
Singapore HELIUS TECHNOLOGIES PTE. LTD. Full timeRoles & ResponsibilitiesTitle: Business AnalystDomain: BankingJD:This is a business analyst role within Trading Risk domain with primary responsibilities including understanding, assessing, and implementing the changing risk management needs of the bank's Market and ALM risk.This role provides a balanced mixture of quantitative and qualitative exposures,...
-
System Analyst
2 weeks ago
Singapore SAKSOFT PTE LIMITED Full timeRoles & ResponsibilitiesExperience: 10+ YearsRole: System AnalystKey Skills:· MS SQL, Java, JiraKey Responsibilities:Experience System Analyst with a strong background in supporting branch teller system Participate in requirements gathering with Business Users and Business Analyst. Suggest alternate solutions to meet or improve the desired...
-
Research Analyst
3 days ago
Singapore NTU (Nanyang Technology University- Main Office-HR) Full timeResearch Analyst/Senior Analyst/Associate Research Fellow (China Programme) The S. Rajaratnam School of International Studies (RSIS) , a Graduate School of Nanyang Technological University, Singapore, is a leading research and teaching institution in strategic and international affairs and policy-oriented think-tank in the Asia-Pacific region.RISIS is...
-
T24 Business Analyst
2 weeks ago
Singapore TANGSPAC CONSULTING PTE LTD Full timeRoles & ResponsibilitiesJob TitleSenior Business Analyst - T24OccupationBUSINESS ANALYSTJob Description & RequirementsJob Description & RequirementsAs a Business Analyst, you will be responsible for gathering requirements, analysis and participate in change management for Core banking (T24) for banking client . The focus is on the implementing new...
-
Business Analyst
3 weeks ago
Singapore NEWGEN SOFTWARE TECHNOLOGIES PTE. LTD. Full timeRoles & ResponsibilitiesJob Description:The incumbent will be responsible for post-sales Engagement Management with the clients along with the role of Business & Systems Analyst. As an Engagement Manager, the person will act as a single point of contact for the customer to ensure that during the course of project all the requirements, concerns and deliveries...
-
Data Analyst
2 days ago
Singapore MEINHARDT SUIT PTE. LTD. Full timeRoles & ResponsibilitiesJob Summary:The Junior Data Analyst will focus on developing dashboards and visualizations to present performance metrics and AI-generated outputs. The role involves validating data, supporting reporting efforts, and creating insights for stakeholders.Key Responsibilities:Develop dashboards to visualize performance metrics derived...
-
Business Analyst
4 weeks ago
Singapore THE EDGE PARTNERSHIP HOLDINGS PTE. LTD. Full timeRoles & ResponsibilitiesMy client is a leading airline committed to providing exceptional travel experiences. We are seeking a talented and analytical Business Analyst to join our team and support our strategic initiatives through data-driven insights and analysisBusiness AnalystPerform thorough business analysis to identify areas of growth, optimize...
-
Business Analyst
3 weeks ago
Singapore THE EDGE PARTNERSHIP HOLDINGS PTE. LTD. Full timeRoles & ResponsibilitiesMy client is a leading airline committed to providing exceptional travel experiences. We are seeking a talented and analytical Business Analyst to join our team and support our strategic initiatives through data-driven insights and analysisBusiness AnalystPerform thorough business analysis to identify areas of growth, optimize...
-
Business Analyst
5 days ago
Singapore DELTA SG CONSULTING Full timeRoles & ResponsibilitiesA Functional Business Analyst who is Success-driven and Focused business analyst bringing extensive expertise of automating manual processes, diagnosing existing inefficiencies and proposing innovative solutions based on specified needs.The Functional Business Analyst must have expertise in the cards and unsecured domain and...
-
Business Analyst
3 weeks ago
Singapore NEWGEN SOFTWARE TECHNOLOGIES PTE. LTD. Full timeRoles & ResponsibilitiesJob Description:The incumbent will be responsible for post-sales Engagement Management with the clients along with the role of Business & Systems Analyst. As an Engagement Manager, the person will act as a single point of contact for the customer to ensure that during the course of project all the requirements, concerns and deliveries...
-
Business Analyst
6 days ago
Singapore NSEARCH GLOBAL PTE. LTD. Full timeRoles & ResponsibilitiesOur client, one of Asia-Pacific's leading organizations is looking for:Business AnalystRequirementsShall have a degree in Computer Science, Computing, Electrical Engineering, IT or equivalent. Shall fulfil at least one of the following criteria:o Shall have at least two years' experience in system analysis and design and Java...
