CrawlJobs Logo

Application Penetration Tester

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Singapore , Singapore

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We’re currently looking for a high caliber professional to join our team as AVP Application Penetration Tester based in Singapore. Being part of our team means that we’ll provide you with the resources to meet your unique needs, empower you to make healthy decision and manage your financial well-being to help plan for your future.

Job Responsibility:

  • Act as a subject matter expert in offensive information security performing grey and black box application reviews, programming, networking, operating systems, and databases
  • Drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and counter measures
  • Report and articulate the vulnerability assessment results to any audience
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation
  • Conduct vulnerability assessments on a variety of Citi applications (Web, Mobile, Thick Client, and APIs) by performing automated scan and manually identifying, researching, validating, and exploiting various known and unknown application security vulnerabilities

Requirements:

  • Penetration testing expertise in application security
  • Hands-on ethical hacking using security tools (Burp Suite, AppScan, etc.)
  • Knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling
  • Understanding application architecture, design and functionalities
  • Strong foundation on information security
  • Experienced in application vulnerability assessment
  • Bachelor’s Degree
  • Minimum of 2 years of experience
  • Must have or be willing to obtain Industry-accredited security certifications (GIAC GWAPT, GPEN, OSCP, CISSP)
  • Strong technical writing and presentation skills
What we offer:
  • Extensive on-the-job training and exposure to senior leaders
  • Traditional learning
  • Chance to give back and make a positive impact through volunteerism
  • Resources to meet your unique needs
  • Empowerment to make healthy decision and manage your financial well-being to help plan for your future

Additional Information:

Job Posted:
December 31, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Application Penetration Tester

Application Penetration Tester

We are looking for security engineer who loves solving interesting problems and ...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of combined experience in penetration testing and security engineering roles
  • Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent
  • Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits
  • Attacker mindset for breaking the websites with practical knowledge of OWASP
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
  • In depth experience with common automated VAPT tools such as Nessus, Burp Suite
  • Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
  • Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation
  • Fluent English (both verbal and written)
Job Responsibility
Job Responsibility
  • Black-box and Grey Box penetration test applications
  • Security testing including reverse engineering of Mobile applications (Android and iOS)
  • Create innovative attacks tools/automations for project specific needs
  • Communicate complex vulnerability results to technical and non-technical audience
  • Perform research and contribute to open-source community on new attack methodology, vulnerability findings
  • Scope penetration tests and contribute to penetration test project management
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

As a Penetration Tester, you'll conduct regular, comprehensive security assessme...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years' experience in one or more of the following areas: Penetration Tester, Red/Purple Team Member, Security Engineer
  • Knowledge of technologies up to system level (web frameworks, communications protocols, database systems)
  • Offensive security knowledge of cyber-attack techniques, vulnerabilities, and mitigation strategies
  • Knowledge of penetration testing tools, frameworks, and methodology
  • Skills using Kali Linux, Nmap, PowerShell, Metasploit, Cobalt Strike, OWASP ZAP, Burp Suite
  • Proficiency in scripting
  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise
  • Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends
  • Cyber security qualifications from Offensive Security, SANS, Pentester Academy, CREST, eLearnSecurity or others
Job Responsibility
Job Responsibility
  • Scoping and executing of complex penetrations test across a wide scope of technologies, products, services, and applications and critical infrastructure companies
  • Helping the team to define and improve the internal security testing programme
  • Documenting technical issues both Cyber and IT related during testing assessments
  • Improve our monitoring services by working in purple style exercises and operating in a red team capacity to improve the ability to detect and respond to threats
  • Supporting incident response by providing context and expertise around cyber threats
  • Mentor to our junior & medior colleagues
What we offer
What we offer
  • Extensive career development opportunities, both local and international
  • Part of a dynamic network of 56,000 professionals at all stages of their careers
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

The role involves conducting deep-dive vulnerability assessments on a variety of...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree with a minimum of 5 years of experience
  • Expertise in Java, JavaScript (React, Node.js), .NET (ASP.NET, C#, Webflow, MVC, WebAPI), Application Infrastructure (Web/Application Servers, Databases, Middleware Components), and Cloud Computing (Google Cloud Platform, AWS, Azure)
  • Expertise in application security, ethical hacking using security tools (Burp Suite, AppScan), knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling
  • Industry-accredited security certifications such as GIAC GWAPT, GPEN, GXPN, OSCP and/or CISSP
Job Responsibility
Job Responsibility
  • Act as a subject matter expert in offensive information security
  • Drive remediation by outlining a defense-in-depth approach
  • Report and articulate vulnerability assessment results
  • Contribute to the review of internal processes and activities
  • Fulltime
Read More
Arrow Right
New

Principal Penetration Tester

Make your mark at Comcast -- a Fortune 30 global media and technology company. B...
Location
Location
United States , Philadelphia; Colorado; Maryland; Virginia; Texas
Salary
Salary:
117225.34 - 224681.90 USD / Year
comcastcorporation.com Logo
Comcast
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in penetration testing with hands-on experience using tools like Burp Suite, Nmap, Metasploit, Nessus etc.
  • Advanced proficiency in cloud platforms - AWS, GCP, Azure and mobile app security testing.
  • Stay current with emerging threats and techniques in AI/ML security.
  • Complete understanding of the OWASP Top 10, CVSS, and CVE databases.
Job Responsibility
Job Responsibility
  • Perform vulnerability scanning and penetration testing across diverse systems, applications, technologies and environments.
  • Identify program improvement opportunities and develop processes to mature and scale the Pen Testing program.
  • Present thought leadership in new and emerging advanced security trends, vulnerabilities and attack techniques
  • Lead security research and development efforts and provide technical leadership.
  • Develop remediation strategies and architect solution to challenging cybersecurity gaps.
  • Execute application penetration tests for APIs, mobile SDKs, cloud environments and web applications from both open and closed-box perspectives.
  • Analyze and prioritize findings based on the Common Vulnerabilities and Exposures (CVE) database, the Common Vulnerability Scoring System (CVSS) and internal Risk Rating system.
  • Contribute to and maintain the team’s tools, labs, and attack infrastructure
  • actively share knowledge through internal wikis and repositories.
  • Effectively communicate findings and recommendations to both technical and non-technical stakeholders, preparing comprehensive reports and presentations.
What we offer
What we offer
  • Medical & Dental
  • 401(k) Savings Plan
  • Generous paid time off
  • Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
  • Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.
  • Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

A senior penetration tester's main responsibility is to execute highly complex a...
Location
Location
Belgium , Olen
Salary
Salary:
Not provided
belden.com Logo
Belden, Inc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in penetration testing, red teaming, or a related offensive security role
  • Relevant industry certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC certifications (e.g., GPEN, GWAPT)
  • Proficiency in at least one scripting language (e.g., Python, Ruby, PowerShell) for automating tasks and developing custom tools
  • Deep knowledge of Windows and Linux/Unix operating systems
  • Strong understanding of TCP/IP, network protocols, and common network services
  • Extensive experience with common web vulnerabilities (e.g., OWASP Top 10) and familiarity with various web application frameworks
  • Experience with penetration testing in at least one major cloud provider (e.g., AWS, Azure)
  • Excellent written and verbal communication skills
  • Strong problem-solving and analytical abilities
  • Ability to work independently and as part of a team
Job Responsibility
Job Responsibility
  • Executing Advanced Penetration Tests: conduct in-depth security assessments on complex systems, including web applications, cloud environments, networks, and mobile applications
  • Developing Custom Tools and Exploits: develop own scripts and exploits to bypass sophisticated security controls and find zero-day vulnerabilities
  • Technical Mentorship: Guiding and mentoring junior and mid-level testers
  • Reporting and Communication: writing detailed technical reports that clearly outline vulnerabilities, their potential impact, and actionable recommendations for remediation
  • Staying Current: continuously research new threats, attack vectors, and security technologies
Read More
Arrow Right

Principal Security Engineer

We’re looking for a principal Security Testing Engineer to work closely with the...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years penetration testing experience in a consultancy, dedicated internal pentesting team, or similar offensive security function
  • 2+ years experience as an offensive security team lead
  • Strong experience in white-box application security testing
  • Full stack application security technical experience
  • Delivery focused
  • Experience mentoring junior penetration testers
  • The ability to complete a penetration test and code review of a modern cloud application
  • Experience leading security teams on complex penetration testing engagements
  • Strong, practical understanding of security testing methodologies, supporting infrastructure requirements and legal considerations
  • Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams
Job Responsibility
Job Responsibility
  • Providing SME knowledge and guidance to a team of pen testers/code review
  • Continuing to mature pen testing/code review workflows
  • Identifying and recruiting top-class penetration testing talent
  • Supporting and guiding the growth of a India based penetration testing team
  • Analysing vulnerability data for trends and gaps in controls
  • Identifying significant vulnerabilities in Atlassian products prior to production deployment
  • Building contacts in the Atlassian engineering team, product team and security team
  • Building and leveraging existing contacts to identify potential talent to join the team
  • Establishing testing processes in the local team that complements and extends existing processes
  • Identifying insights which contribute to strategic investments
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Application Security Engineer II

In this role, you will support Rackspace's application security program by imple...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years in the information security field
  • Experience working with application security, security testing, or DevSecOps practices
  • Working knowledge of the SDLC, security concepts, and vulnerability assessment methodologies
  • Hands-on experience with or understanding of programming and scripting languages including one or more of the following: Python, Java, Node.js, Go, Ruby, PHP
  • databases such as SQL
  • and related tools such as Github, Gitlab, Jenkins, and CircleCI
  • Understanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)
  • Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAA
  • Passion for security and eagerness to learn about new technologies and emerging security vulnerabilities
  • Strong communication skills with the ability to work collaboratively across teams
Job Responsibility
Job Responsibility
  • Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software components
  • Configure, maintain, and operate SAST, DAST, and other application security testing tools
  • Analyze and triage security findings, documenting clear remediation guidance for development teams
  • Support the vulnerability reporting process and track findings through to resolution
  • Assist with triage and validation of external vulnerability disclosures and bug bounty reports
  • Contribute to the development and documentation of application security processes and standards
  • Participate in security code reviews and threat modeling exercises
  • Help track and report metrics for application security program health
  • Collaborate with development and DevOps teams to integrate security into CI/CD pipelines
  • Stay current with application security trends, tools, and best practices
  • Fulltime
Read More
Arrow Right

Product Security Engineer

At Atlassian, we're motivated by a common goal: to unleash the potential of ever...
Location
Location
United States , San Francisco
Salary
Salary:
150700.00 - 206000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Cybersecurity or related field
  • 24 months of experience working as Application Security Engineer, Product Security Engineer, or Penetration Tester
  • experience in application security tooling such as BurpSuite Pro, Postman, Docker, Command Line Interface (CLI) tools, Nmap, and Metasploit
  • understanding and coding common programming languages such as Java, Python, or Go
  • penetration testing, vulnerability assessment, composing and generating vulnerability reports
  • administering and managing Jira project
  • data analysis and data visualization tooling such as Tableau and Databricks
  • code versioning tools such as Bitbucket Cloud and GitHub
  • must pass technical interview
Job Responsibility
Job Responsibility
  • Evaluate submissions from security researchers to bug bounty program, assess the impact of each vulnerability, and communicate with the researcher community to help obtain additional details that may be helpful to engineering teams as they work to remediate the issues
  • drive improvement to the policies, processes, and automation to make bug bounty programs effective and ensure to get the most accurate information about each vulnerability to the proper engineering team as quickly as possible
  • work on vulnerability management improvements on processes, policies and standards
  • make sure the company's products and services are safe and secure, the internal vulnerability management workflow is accurate and up to date
  • identify vulnerabilities at scale and help engineering teams systematically remediate them
  • work on securing open-source supply chain
  • interact with some of the world’s leading security researchers through bug bounty program
  • build cutting edge tools to help identify and remediate vulnerabilities at scale
  • work with web application security and a strong ability to work with colleagues to develop and build solutions to help us scale in order to be successful in this role
  • read and write code
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Poland Jobs Ireland Jobs Germany Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy