Citi | Applications Vulnerability Assessment Analyst India | Poona | Bharat | BigDataKB.com | 2023-03-05

The Apps Support Intmd Analyst is a developing professional role. Deals with most problems independently and has some latitude to solve complex problems. Integrates in-depth specialty area knowledge with a solid understanding of industry standards and practices. Good understanding of how the team and area integrate with others in accomplishing the objectives of the subfunction/ job family. Applies analytical thinking and knowledge of data analysis tools and methodologies. Requires attention to detail when making judgments and recommendations based on the analysis of factual information. Typically deals with variable issues with potentially broader business impact. Applies professional judgment when interpreting data and results. Breaks down information in a systematic and communicable manner. Developed communication and diplomacy skills are required in order to exchange potentially complex/sensitive information. Moderate but direct impact through close contact with the businesses’ core activities. Quality and timeliness of service provided will affect the effectiveness of own team and other closely related teams.

Responsibilities:

• The Application Vulnerability Analyst provides technical and business support for users of Citi Applications. This includes providing quick resolutions to application vulnerability (VA/CVM/ SBT) issues, driving stability, efficiency and effectiveness improvements to help us and the business succeed.
• Adapt at data analysis using tools like Excel, SharePoint, PowerBI or Tableau (front end)
• Manages, maintains and supports vulnerability tester to achieve AVA/LVA/CIVA/IVA. Connects with vendors, focusing on stability, quality and functionality against service level expectations.
• Develop and maintain vulnerability assessment documentation.
• Identifies ways to improve resolutions to vulnerabilities found in the application.
• Assess risk and impact of application vulnerability issues and escalate to business and technology management in a timely manner.
• Ensures that VA process and monitoring is in place and functioning correctly
• Reviews and develops issues resolution plan aliasing with App Manager.
• Partners with appropriate development and production support areas to prioritize vulnerability fixes and support tooling requirements.
• Engages in open issues analysis to ensure successful plan to remediate the issues
• Identifies risks, vulnerabilities and security issues; communicates impact.
• Ensures essential procedures are followed and helps to define operating standards and processes.
• Act as a liaison between App manager/vendors, interfacing internal technology groups like SSO.
• Expected to be able to raise problems to appropriate technology and business teams, while adhering to Service Level Agreements.
• Performs other duties and functions as assigned.
• Has the ability to operate with a limited level of direct supervision.
• Can exercise independence of judgement and autonomy.
• Acts as SME to senior stakeholders and /or other team members.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm’s reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

• 2-5 years experience in an Application Vulnerability Assessment/ Vulnerability testing/ Ethical hacker/ Penetration testing role

Familiar and good understanding of top 10 OWASP issues and path to resolutions

• Ability to act as champion to drive vulnerability assessment issues
• Good understanding to static code analysis, penetration testing
• Good Understanding of agile processes like Kanban/ Scrum
• Effective written and verbal communications including ability to explain technical issues in simple terms that non-IT staff can understand.
• Consistently demonstrates clear and concise written and verbal communication skills
• Ability to communicate appropriately to relevant stakeholder
• Demonstrated analytical skills
• Issue tracking and reporting using tools
• Knowledge/ experience of problem Management Tools.
• Experience with some programming languages and willingness/ability to learn.
• Advanced execution capabilities and ability to adjust quickly to changes and re-prioritization
• Effectively share information with other support team members and with other technology teams
• Ability to plan and organize workload

Education:

• Bachelor’s/University degree or equivalent experience

Exposure to penetration testing, or CREST certification will be a plus

Prior experience in Application support and maintenance will be advantages.

–

Job Family Group:

Technology

–

Job Family:

Applications Support

–

Time Type:

Full time

–

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries (Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the EEO is the Law poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting