
Lead Application Security Specialist

Citi

Location:
United States, Fort Lauderdale

Category:
IT - Software Development

Contract Type:
Not provided

Salary:

145840.00 - 218760.00 USD / Year

Job Description:

The Lead Application Security Specialist role focuses on researching vulnerabilities, designing AI tools for security, and ensuring protection for mission-critical applications at Citi.

Job Responsibility:

  • Perform in-depth analysis and research of new vulnerabilities and exploits
  • act as a subject matter expert in offensive information security, application pentesting, networking, operating systems, and databases
  • research and identify potential security issues within Citi Applications
  • drive remediation by outlining a defense-in-depth approach to business stakeholders and providing strategic solutions to developers on effective security controls and countermeasures
  • contribute to the architecture, design, and development of advanced AI tooling to assist with vulnerability detection and code analysis
  • collaborate with cross-functional teams to integrate AI capabilities into our existing security tools and processes
  • design and implement user-friendly interfaces and workflows for AI-powered security tools
  • conduct thorough testing and evaluation of AI models and tools to ensure their accuracy, reliability, and effectiveness
  • have excellent communication (written and verbal) skills to report and articulate the results
  • review internal tools, testing processes and methodologies within Application Security space and assist in identifying potential opportunities for improvement and automation
  • mentor and guide junior security analysts and teams.

Requirements:

  • 10+ years of professional experience in an Information Security or Cybersecurity role
  • proficient in Manual Application Penetration Testing and Threat Modeling, with hands-on experience using Security tools (e.g., BurpSuite, AppScan, Qualys, Nessus, CheckMarx, BlackDuck, Snyk)
  • deep knowledge of industry standards (e.g., OWASP Top 10, CWE/SANS Top 25)
  • strong understanding of a variety of Application Architectures (Microservices, REST APIs, SOA, MVC)
  • strong understanding of a variety of Development Frameworks (Spring, Struts, AngularJS, NodeJS)
  • strong understanding of Application Infrastructure (web/app servers, middleware components, databases, public/private/hybrid cloud deployment, cloud service models - SaaS/PaaS/IaaS)
  • strong understanding of a variety of Software Development Methodologies (Agile, DevOps, Waterfall)
  • hands-on experience with a variety of Programming/Scripting Languages (Java, .NET/C#, C/C++, Python, Ruby)
  • hands-on experience with advanced AI related technologies, such as Large Language Models (LLMs), Agentic AI Architecture, MCP server/clients, RAG integrations, and frameworks like LangChain, RAG, PyTorch, TensorFlow, Haystack, etc.
  • proficient in vulnerability discovery, analysis, and exploitation
  • passion for security research, demonstrated by published research, active participation in community events, or contributions to the security community
  • understanding of CVEs and the ability to reproduce a proof of concept easily
  • experience in developing AI-powered applications and tools, preferably in the security domain
  • excellent problem-solving skills and the ability to work in a fast-paced environment
  • effective communication skills with the capacity to articulate complex security issues to technical and non-technical stakeholders.

Nice to have:

  • Multiple years of professional experience in an Artificial Intelligence (AI) Development role, focusing on developing AI-powered applications and tools for security, and hands-on experience with advanced AI technologies such as Large Language Models (LLMs), Agentic AI Architecture, Retrieval Augmented Generation (RAG) integrations, and frameworks like LangChain, PyTorch, or TensorFlow
  • contributions to open-source AI or security projects
  • have obtained, or be willing to obtain, an industry-accredited security certification such as GIAC GWEB, GWAPT, GMOB, GPEN, GXPN, OSCP, OSWE, CISSP, or AI/ML certifications.

What we offer:
  • Medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays.

Additional Information:

Job Posted:
October 29, 2025

Expiration:
December 01, 2025

Employment Type:
Full-time

Work Type:
Hybrid work