Red Team

**The Role**:
**Responsibilities**
- Support Citi’s Red, Blue, and Purple Teams during the execution of offensive security assessment operations
- Develop and implement Red Team automation tools utilizing various programming languages
- Collect, analyze, monitor, and interpret data related to the firm’s security posture
- Assist in developing and maintaining technical documentation
- Establish meaningful partnerships with relevant stakeholders across the enterprise is a key function of this role to build and maintain a comprehensive model of applicable, feasible threats, and risks to the business
- Participate in advanced exploitation operations against a large global enterprise, including Red and Purple Team operations
- Identify opportunities to automate and standardize information security controls and for the supported groups
- Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
- Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
- Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
- Direct the development and delivery of secure solutions by coordinating with business and technical contacts

**Qualifications**

4+ years’ experience or equivalent knowledge and exposure are required with most of the following:

- Deep understanding of programming concepts and experience developing offensive tooling
- Strong programming background with Python
- Experience with utilizing Breach Attack Simulation tools and developing custom code to enhance tooling
- Leveraging the MITRE ATT&CK Framework
- Knowledge of tools and processes used to expose known and undocumented vulnerabilities in various different systems
- Leading or conducting Purple Team Testing
- Strong communication and interpersonal skills, including experience with technical and non-technical teams
- Excellent analytical and problem-solving skills, with the ability to analyze complex data sets, and provide recommendations for mitigating risk
- Identifying, researching, validating, and exploiting various different, known, and unknown security vulnerabilities on the server and client side
- Red Team testing tools: Cobalt Strike, Red Team Toolkit, etc.
- Vulnerability Assessment tools: Nessus, Qualys, etc.
- Exploitation frameworks: Metasploit, CANVAS, Core Impact
- Deep understanding of OSI model
- OS Security: Unix/Linux, Windows, OSX
- Understanding of common protocols: HTTP, LDAP, SMTP, DNS
- Web development and programming languages: Python, Perl, Ruby, Java,.Net
- Reporting information security vulnerabilities to the business

**Education**:

- Bachelor’s degree/University degree or equivalent experience
- Master’s degree preferred
- Industry-accredited security certifications highly preferred but not required (e.g. PNPT, OSCP, OSCE, GXPN, GPEN, GCIH, GWAPT, GCFA, or CISSP)

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
- **Job Family Group**:
Technology
- **Job Family**:
Information Security
- **Time Type**:
Full time
- Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

View the "**EEO is the Law**" poster. View the **EEO is the Law Supplement**.

View the **EEO Policy Statement**.

View the **Pay Transparency Posting