Senior Application Security Lead, VP

14000 CITI CARDS WAY BUILDING B JACKSONVILLE, United States Citi Citi is a leading global bank for institutions with cross-border needs, a global provider in wealth management and a U.S. personal bank. Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. If you are a problem solver who seeks passion in your work, come join us. About Our Team: The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients, our revenue, our employees and our proprietary data. As a member of the AppSec team, your duties include interfacing with development organizations to onboard applications to our automated security testing platform and performing secure code review assessments using commercial static analysis tools like Checkmarx, Snyk, and Fortify. Responsibilities: Perform analysis and execution of scans for Software Composition Analysis findings, mobile scanning vulnerabilities. Review and validate automated testing results and prioritize actions that resolve issues based on overall risk. Perform manual source code review for security vulnerabilities. Identify opportunities to automate and standardize information security controls. Write formal security assessment report for each application. Direct the development and delivery of secure solutions. Manage and execute security assessments for multiple projects simultaneously. Research and explore new testing tools and methodologies. Actively participate in research and knowledge sharing discussions. Appropriately assess risk when business decisions are made. Qualifications: 6+ years of relevant experience in web development, source code review, or application security testing. Basic understanding of application security and associated vulnerabilities. Development background in Java/J2EE, C#, .NET in an enterprise environment. Good understanding of the Software Development Life Cycle. Experience using ALM and CICD tools like Bitbucket, GitHub, Jenkins, etc. Familiarity with static analysis and application pen-testing techniques. Experience using commercial enterprise automated security testing tools. Knowledge with mobile platforms and languages is a plus. Experience using or testing cloud platforms is a plus. Proven influencing and relationship management skills. Consistently demonstrates clear and concise written and verbal communication. Professional certifications are a plus. Education: Bachelor's degree in technology, Computer Science, Engineering, or related field. Master's degree is a plus. Job Family Group: Technology Job Family: Information Security Time Type: Full time Primary Location: Jacksonville Florida United States Primary Location Full Time Salary Range: $113,840.00 - $170,760.00 In addition to salary, Citi's offerings may also include competitive employee benefits. Anticipated Posting Close Date: Jan 31, 2025 Citi is an equal opportunity and affirmative action employer. #J-18808-Ljbffr

Created: 2025-03-01