Vulnerability Assessments Automation Analyst (VP)
Job Description :
The Vulnerability Assessments Automation Analyst provides automation services within Vulnerability Assessments (VA) department to enhance internal security tooling. The candidate will primarily be working on creating enterprise level solutions that help streamline end-to-end processes for vulnerability identification, reporting and remediation by automating repetitive tasks. The enhancements introduced by the engineer in this role will instantly benefit internal Citi businesses and security testing teams. This role requires candidate to have strong development background and awareness in application security. The candidate needs to be a problem solver, analytical thinker, team player, and an effective communicator who is able to bridge business, technology, and security requirements. Responsibilities :
• Develop extensions to well-known security tools such as AppScan, Burp, Checkmarx, Qualys, and Archer by leveraging available API services. This requires development experience in various languages such as .NET, Java and Python.
• Understand client requirements and support existing applications to reprogram,
update, and add new features.
• Write high quality source code in a fast-paced environment with minimal directions.
• Create technical documents and user manuals for all applications.
• Troubleshoot problems or defects within each solution and drive issues to resolution.
• Conduct functional and non-functional testing.
• Develop secure applications using modern frameworks and programming techniques to ensure that feature requests and functionalities are completed in a timely manner.
• Identify key areas of automation within Vulnerability Assessment services and integrate them into existing automated tools ensuring consistent results are obtained.
• Perform application security testing on various types of applications such as web, APIs (REST/SOAP/Micro services), thick clients, mobile, etc., inclusive of the supporting infrastructure components. Qualifications :
• Bachelor's degree in Computer Science, Information Systems Management, or related field preferred.
• Experience with Spring Framework, Apache Struts, SOAP web services, RESTful API's, Spring Boot, Spring Cloud.
• Analytical thinking and problem-solving capabilities.
• Experience with CI/CD tools and test automation using Selenium or similar.
• Having a good understanding of security vulnerabilities of web-based, mobile and desktop applications is required.
• Excellent communication skills (written and verbal) and the ability to communicate with all levels of staff and management are also essential. Job Family Group:
Technology Job Family:
Information Security Time Type:
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi
View the " EEO is the Law
" poster. View the EEO is the Law Supplement
View the EEO Policy Statement
View the Pay Transparency Posting