Red Team Analyst - Info Sec Tech Lead Analyst Red Team Analyst - Info Sec Tech Lead Analyst …

Citi
in Singapore, Singapore, Singapore
Permanent, Full time
Be the first to apply
Competitive
Citi
in Singapore, Singapore, Singapore
Permanent, Full time
Be the first to apply
Competitive
Citi
Red Team Analyst - Info Sec Tech Lead Analyst
This position requires at least 3-7 years working experience and at least a Bachelor's Degree. A basic understanding of web application and infrastructure security is a must.
Duties will include 
•    Providing vulnerability assessment and penetration testing services to Citi businesses globally through a comprehensive testing process 
•    Identifying weaknesses and vulnerabilities within the system and proposing countermeasures. 
•    Testing of the overall security of critical infrastructure components and applications to ensure they comply with internal policies, security architecture best practices, and industry standards
•    Scanning and discovering rouge hosts, networks, and devices
•    Scanning and discovering vulnerable systems and applications
•    Reporting information security vulnerabilities to businesses and vendors
•    Subject matter expert in offensive information security including databases, networking, operating systems, applications, and programming.
The candidate is expected to already be familiar with the majority of the below tools:
•    Experience in Web development and programming languages i/e Java/J2EE (Servlets/JSPs, STRUTS, Spring Flow, JavaServer Faces, Hibernate, JDBC, Enterprise Java Beans) 
•    Vulnerability Assessment tools, e.g. Nessus, Qualys, etc
•    Penetration testing (application and/or infrastructure)
•    Identifying, researching, validating, and exploiting various different known and unknown security vulnerabilities on server and client side 
•    Exploitation frameworks, e.g. Metasploit, CANVAS, Core Impact
•    Social Engineering campaigns, e.g. email phishing, phone calls, SET
•    Deep understanding of OSI model
•    Security devices, e.g. Firewalls, VPN, AAA systems
•    OS Security, e.g. Unix, Linux, Windows, Cisco, etc
•    Understanding of common protocols, e.g. LDAP, SMTP, DNS, Routing Protocols
•    Web application infrastructure, e.g. Application Servers, Web Servers, Databases
•    Web development and programming languages i.e. Python, Perl, Ruby, Java, and/or .Net
•    Reporting information security vulnerabilities to businesses
The following requirements are a plus as we are willing to invest in training and development in the security and vulnerability space:
•    Conducting application vulnerabilities assessments and articulating security issues to technical and non-technical audience
•    Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures
•    Experience using open source and vendor vulnerability assessment tools
•    Background in a similar role
•    Understanding enterprise networks
In this role you will get a chance to work in a unique environment with diverse technology implementations. Personal development is important, all of our analysts acquire and maintain industry-accredited security certifications (the candidate must have or be willing to obtain the following ones) - GIAC, GXPN, GDAT, GWAPT, GPEN, GCIH, OSCP, OSCE, CREST, GMOB and CEH.
#LI-SG
-------------------------------------------------
Grade :All Job Level - All Job FunctionsAll Job Level - All Job Functions - SG ------------------------------------------------------
Time Type : ------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity CLICK HERE .
To view the "EEO is the Law" poster CLICK HERE . To view the EEO is the Law Supplement CLICK HERE .
To view the EEO Policy Statement CLICK HERE .
To view the Pay Transparency Posting CLICK HERE .
Close
Loading...