CrawlJobs Logo

Senior Penetration Tester

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Singapore , Singapore

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The role involves conducting deep-dive vulnerability assessments on a variety of Citi applications (Web, Mobile, Thick Client, and APIs) by manually identifying, researching, validating, and exploiting various known and unknown application security vulnerabilities.

Job Responsibility:

  • Act as a subject matter expert in offensive information security
  • Drive remediation by outlining a defense-in-depth approach
  • Report and articulate vulnerability assessment results
  • Contribute to the review of internal processes and activities

Requirements:

  • Bachelor’s degree with a minimum of 5 years of experience
  • Expertise in Java, JavaScript (React, Node.js), .NET (ASP.NET, C#, Webflow, MVC, WebAPI), Application Infrastructure (Web/Application Servers, Databases, Middleware Components), and Cloud Computing (Google Cloud Platform, AWS, Azure)
  • Expertise in application security, ethical hacking using security tools (Burp Suite, AppScan), knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling
  • Industry-accredited security certifications such as GIAC GWAPT, GPEN, GXPN, OSCP and/or CISSP

Nice to have:

  • Development and security background
  • Strong technical writing and presentation skills
  • Interest in performing code reviews

Additional Information:

Job Posted:
March 21, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Penetration Tester

Senior Penetration Tester

As a Penetration Tester, you'll conduct regular, comprehensive security assessme...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years' experience in one or more of the following areas: Penetration Tester, Red/Purple Team Member, Security Engineer
  • Knowledge of technologies up to system level (web frameworks, communications protocols, database systems)
  • Offensive security knowledge of cyber-attack techniques, vulnerabilities, and mitigation strategies
  • Knowledge of penetration testing tools, frameworks, and methodology
  • Skills using Kali Linux, Nmap, PowerShell, Metasploit, Cobalt Strike, OWASP ZAP, Burp Suite
  • Proficiency in scripting
  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise
  • Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends
  • Cyber security qualifications from Offensive Security, SANS, Pentester Academy, CREST, eLearnSecurity or others
Job Responsibility
Job Responsibility
  • Scoping and executing of complex penetrations test across a wide scope of technologies, products, services, and applications and critical infrastructure companies
  • Helping the team to define and improve the internal security testing programme
  • Documenting technical issues both Cyber and IT related during testing assessments
  • Improve our monitoring services by working in purple style exercises and operating in a red team capacity to improve the ability to detect and respond to threats
  • Supporting incident response by providing context and expertise around cyber threats
  • Mentor to our junior & medior colleagues
What we offer
What we offer
  • Extensive career development opportunities, both local and international
  • Part of a dynamic network of 56,000 professionals at all stages of their careers
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

A senior penetration tester's main responsibility is to execute highly complex a...
Location
Location
Belgium , Olen
Salary
Salary:
Not provided
belden.com Logo
Belden, Inc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in penetration testing, red teaming, or a related offensive security role
  • Relevant industry certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC certifications (e.g., GPEN, GWAPT)
  • Proficiency in at least one scripting language (e.g., Python, Ruby, PowerShell) for automating tasks and developing custom tools
  • Deep knowledge of Windows and Linux/Unix operating systems
  • Strong understanding of TCP/IP, network protocols, and common network services
  • Extensive experience with common web vulnerabilities (e.g., OWASP Top 10) and familiarity with various web application frameworks
  • Experience with penetration testing in at least one major cloud provider (e.g., AWS, Azure)
  • Excellent written and verbal communication skills
  • Strong problem-solving and analytical abilities
  • Ability to work independently and as part of a team
Job Responsibility
Job Responsibility
  • Executing Advanced Penetration Tests: conduct in-depth security assessments on complex systems, including web applications, cloud environments, networks, and mobile applications
  • Developing Custom Tools and Exploits: develop own scripts and exploits to bypass sophisticated security controls and find zero-day vulnerabilities
  • Technical Mentorship: Guiding and mentoring junior and mid-level testers
  • Reporting and Communication: writing detailed technical reports that clearly outline vulnerabilities, their potential impact, and actionable recommendations for remediation
  • Staying Current: continuously research new threats, attack vectors, and security technologies
Read More
Arrow Right

Senior Penetration Tester

Serve as a Subject Matter Expert providing testing expertise of the Risk Managem...
Location
Location
United States , Annapolis Junction
Salary
Salary:
Not provided
ctp-web.com Logo
Columbia Technology Partners
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Eight (8) experience of related work experience as a Penetration Tester performing both network and application-level testing using established test protocols and methods
  • A Bachelor's degree in Computer Science or a related field (e.g. General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cybersecurity, Information Technology, Information Assurance, Information Security, and Information Systems)
  • In lieu of a Bachelor's degree, four (4) additional years of Penetration Testing experience maybe substituted
  • U.S. Citizenship is required for all applicants
  • All applicants and employees are subject to random drug testing in accordance with Executive Order 12564
  • Employment is contingent upon successful completion of a security background investigation and polygraph
  • DoD 8570 compliance with IAT III is required
  • This position requires an active Security Clearance with appropriate Polygraph
Job Responsibility
Job Responsibility
  • Serve as a Subject Matter Expert providing testing expertise of the Risk Management Framework
  • Direct and/or participate in the testing phase of security controls assessments using specialized knowledge of network protocols, operating systems, architectures, equipment, services, and standards
  • Perform vulnerability and penetration testing using a wide variety of tools
  • Research and evaluate emerging technologies relevant to information systems security
  • interpret agency specific and federal security regulations
  • Perform both network and application-level testing using established testing protocols and methods
What we offer
What we offer
  • Medical: CTP offers 3 superior plans, bringing our employees both in-network and out-of-network options
  • Vision + Dental: Both free to you + paid in full by CTP
  • Retirement: 401k - 6% company contribution
  • PTO + Leave: A work life balance is extremely important to our team here at CTP, which is why our paid time off plans are so lucrative. Offering customizable leave plans to meet your needs is just one of our many perks! Jury Duty, Bereavement + Military Leave provided
  • Career Growth: Up to $10,000 provided for approved career-related learning, training, education, and/or tuition
  • Life and AD&D Insurance/Short-Term & Long-Term Disability: More peace of mind, at zero cost to you
  • Profit Sharing Bonus: End of year cash gets added to your bottom-line
  • Referral Bonus Program: Our tiered program provides an incentive with each stage of the hiring process your referral passes. Our bonuses range from $7,000-$20,000, if your referral joins the team
  • Fulltime
Read More
Arrow Right

Application Security Engineer II

In this role, you will support Rackspace's application security program by imple...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years in the information security field
  • Experience working with application security, security testing, or DevSecOps practices
  • Working knowledge of the SDLC, security concepts, and vulnerability assessment methodologies
  • Hands-on experience with or understanding of programming and scripting languages including one or more of the following: Python, Java, Node.js, Go, Ruby, PHP
  • databases such as SQL
  • and related tools such as Github, Gitlab, Jenkins, and CircleCI
  • Understanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)
  • Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAA
  • Passion for security and eagerness to learn about new technologies and emerging security vulnerabilities
  • Strong communication skills with the ability to work collaboratively across teams
Job Responsibility
Job Responsibility
  • Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software components
  • Configure, maintain, and operate SAST, DAST, and other application security testing tools
  • Analyze and triage security findings, documenting clear remediation guidance for development teams
  • Support the vulnerability reporting process and track findings through to resolution
  • Assist with triage and validation of external vulnerability disclosures and bug bounty reports
  • Contribute to the development and documentation of application security processes and standards
  • Participate in security code reviews and threat modeling exercises
  • Help track and report metrics for application security program health
  • Collaborate with development and DevOps teams to integrate security into CI/CD pipelines
  • Stay current with application security trends, tools, and best practices
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

PagerDuty is seeking a Senior Security Engineer to join our diverse, customer-fo...
Location
Location
Canada , Toronto
Salary
Salary:
137000.00 - 207000.00 CAD / Year
https://www.pagerduty.com Logo
PagerDuty
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency with Application & Product Security typically associated with 4 - 5 years of experience in a Security Engineering role working with a cloud-native, microservices environment, preferably AWS
  • Familiarity with cloud-native product technologies including: Vulnerability detection via multiple approaches including SAST, DAST, SCA, and runtime (e.g., Qualys/Nessus, Wiz, Snyk, GHAS, Semgrep, etc.)
  • CI/CD technologies and integrations (e.g., CircleCI, Buildkite, Helm, Terraform, Chef)
  • Product security event logging standards and analysis tools (e.g., SIEM such as: SumoLogic, LogRythm, or Splunk, etc.)
  • Security Incident Response & Risk Management processes and tools
  • Proficiency in at least one programming language and framework (e.g. Python, Bash, Phoenix/Elixir, Java, Ruby on Rails), typically associated with 3 - 4 years of experience with the language/framework
  • Have exceptional written, oral communication, and interpersonal skills
  • Organizational skills with the ability to successfully manage multiple priorities and deadlines
Job Responsibility
Job Responsibility
  • Embrace the role of hands-on technical lead in defining product security standards and guiding platform protections
  • Establish criteria and conduct comprehensive security reviews throughout all stages of product development to identify and address security risks
  • Perform regular threat assessments, coordinate with third-party testers for penetration testing, and conduct internal penetration testing to identify and mitigate security risks
  • Mentor and guide team members to ensure product and business objectives are prioritized in project implementations, fostering a strong documentation culture with project charters and design documents
  • Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the team to design and implement effective security frameworks. Maintain a strong appetite for challenging problems with a high degree of ownership
  • Participate in the team’s On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences
  • Enable service team security implementations by developing security-as-code constructs, including infrastructure-as-code (IaC) modules, libraries and frontend components, while creating and maintaining developer-focused documentation to promote easy adoption
  • Establish and uphold baseline standards and hardened configurations for platform components
  • Continuously enhance security frameworks by focusing on product security standards and software supply chain protections, tailored for application security in cloud-native, microservices environments
What we offer
What we offer
  • Competitive salary
  • Comprehensive benefits package from day one
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
  • Fulltime
Read More
Arrow Right

VAPT Manager

Core Responsibilities: Conduct end-to-end Vulnerability Assessment and Penetrati...
Location
Location
India , Coimbatore
Salary
Salary:
Not provided
ambconline.com Logo
AMBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Conduct end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web applications, mobile apps, networks, Active Directory, APIs, and enterprise systems
  • Perform manual and automated penetration testing with strong hands-on depth in web, network, and AD security testing
  • Execute Red Teaming / adversary simulation activities, including privilege escalation and lateral movement
  • Perform cloud security assessments across AWS, Azure, and GCP environments
  • Review and assess security configurations of network devices, servers, databases, and cloud services
  • Evaluate CI/CD pipelines and DevSecOps practices to identify security gaps in build and deployment processes
  • Analyze findings, assign risk ratings, and prepare clear VAPT reports with impact analysis and actionable remediation guidance
  • Collaborate with development, DevOps, IT, and client stakeholders to prioritize and support vulnerability remediation
  • Continuously track emerging threats and attack techniques and enhance testing methodologies accordingly
  • Certifications (At Least One Mandatory): CRTO – Certified Red Team Operator
Job Responsibility
Job Responsibility
  • Conduct end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web applications, mobile apps, networks, Active Directory, APIs, and enterprise systems
  • Perform manual and automated penetration testing with strong hands-on depth in web, network, and AD security testing
  • Execute Red Teaming / adversary simulation activities, including privilege escalation and lateral movement
  • Perform cloud security assessments across AWS, Azure, and GCP environments
  • Review and assess security configurations of network devices, servers, databases, and cloud services
  • Evaluate CI/CD pipelines and DevSecOps practices to identify security gaps in build and deployment processes
  • Analyze findings, assign risk ratings, and prepare clear VAPT reports with impact analysis and actionable remediation guidance
  • Collaborate with development, DevOps, IT, and client stakeholders to prioritize and support vulnerability remediation
  • Continuously track emerging threats and attack techniques and enhance testing methodologies accordingly
Read More
Arrow Right
New

Singapore - 2026 Voyage Program - F&B Operations

The Voyage Global Leadership Development Program is a full-time, paid developmen...
Location
Location
Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelors degree or equivalent higher level education required (Associates degree acceptable for Culinary)
  • Superior critical thinking & interpersonal communication skills
  • Ability to foster relationships & work collaboratively
  • Self-manage & be a self-starter
  • Real desire for personal & professional growth
  • Work authorization in the country you apply (local citizen or permanent resident)
  • Graduated from a university or hotel school within the past year
Job Responsibility
Job Responsibility
  • Cultivate customer relationships
  • Be a champion for innovation within the organization
  • Get exposure to managing projects & people
  • Improve processes & pitch new initiatives through your Voyage project
  • Take on special projects that will draw upon all your training
What we offer
What we offer
  • Opportunity to grow in your career
  • Work with teammates that feel like family
  • Open road to opportunity and growth
  • Access to Marriott’s senior leaders and coaches
  • Many opportunities to stand out
  • Participate in mini-rotations across disciplines
  • Connect with current and former Voyage participants through social collaboration tools
  • Immersed in rich culture and portfolio of global brands
  • Participate in management meetings and collaborate with Voyage participants worldwide
  • Opportunity to provide feedback on curriculum and have an impact on future Voyage hires’ experiences
  • Fulltime
Read More
Arrow Right
New

Centre Assistant Manager & MOT Tester

Location
Location
United Kingdom , Burgess Hill
Salary
Salary:
Not provided
webrecruit.co Logo
Webrecruit
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Flexible approach to tasks
  • Able to manage own workload
  • Excellent communicator
  • Proven experience working in a busy retail environment in an automotive setting
  • Valid MOT Tester licence issued by the DVSA
Job Responsibility
Job Responsibility
  • Ensure Customers receive the best Customer Service and care to keep complaints to a minimum
  • Ensure all sales targets and KPI’s are achieved
  • Maintain the cleanliness of the Centre and its equipment on an ongoing basis
  • Increase sales of products and services offered by the Company in accordance with procedures
  • Recruit and interview all employees for the Centre
  • Identify any training needs for employees to progress and develop within the Company
  • Carry out service and repair on all makes of vehicle
  • Carry out MOT test to DVSA standard and input details on the DVSA computer system
  • Fit any product specified by the Company to customer vehicles and carry out a range of ancillary services
  • Support other Centres when asked when necessary
What we offer
What we offer
  • NEST Pension Scheme enrolment after 3 months continuous service paid via Salary Sacrifice
  • Life Assurance
  • Bonus Scheme - If Centre Based
  • Stream - releases earnings by giving instant access to pay
  • Retail Discounts (High St, Online and much more)
  • Staff Discounts
  • Wellbeing Support (Employee Assistance Programme, Financial Advice, Health)
  • Training opportunities to further your career within the Company
  • In-house IMI accredited course to further your development & capability
  • Company Uniform including Safety Boots
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy