AI & Offensive Security Analyst - Vice President
About The Position
Citi, a leading global bank, is seeking an AI & Offensive Security Analyst for its Advanced Pentesting & Research team. This role involves driving offensive security research, vulnerability discovery, and developing AI-powered security tooling and automation. The ideal candidate will possess deep adversarial security expertise combined with hands-on AI engineering capabilities to identify and exploit system weaknesses and build intelligent solutions for defense at scale. The successful candidate will have a strong R&D mindset, a natural curiosity, and a discipline to stay at the forefront of security and AI research, actively identifying new research opportunities. This role will collaborate closely with engineering, architecture, and risk teams to embed security intelligence across the firm's technology landscape.
Requirements
- 6+ years of experience in Cyber Security or related field.
- Master’s degree in computer science, Cyber Security or related field with a minimum of 3 years of experience in a penetration testing or application development role OR Bachelor’s degree in computer science, Cyber Security or related field with a minimum of 5 years of experience in a penetration testing or application development role
- Hands-on experience with security & Software engineering tooling : Burp Suite, SAST/DAST scanners, Claude Code, GH copilot & custom exploit development from CVE advisories
- Demonstrated proficiency in penetration testing across web, network, and binary domains
- Strong R&D mindset — demonstrated ability to independently identify new research opportunities, follow emerging academic and industry security research, and translate findings into actionable tooling or defensive improvements
- Good proficiency in reading, understanding, and working with code and its features — including the ability to navigate unfamiliar codebases, reason about code behaviour, identify logic flaws, and leverage language-specific constructs in security analysis and tool development
Responsibilities
- Perform deep vulnerability research on emerging attack surfaces including LLM-based systems, AI pipelines, model inference endpoints, and prompt injection vectors.
- Design, build, and maintain AI harnesses capable of performing security-related tasks, including autonomous vulnerability scanning agents, AI-driven exploit classification systems, intelligent threat detection models, and LLM-assisted code analysis engines.
- Research and prototype novel attack techniques and defensive countermeasures, contributing findings to internal knowledge bases, threat models, and security engineering standards — driven by a proactive R&D mindset and continuous lookout for new research opportunities.
- Analyze source code using both manual review and AI-augmented static analysis to identify and mitigate security weaknesses, logic flaws, and injection vulnerabilities across polyglot codebases.
- Conduct offensive security assessments and penetration testing against applications, infrastructure, and AI/ML systems to identify exploitable vulnerabilities before adversaries do.
- Identify opportunities to automate and standardize information security controls using AI-driven pipelines, reducing manual effort and improving detection fidelity across supported groups.
Benefits
- medical, dental & vision coverage
- 401(k)
- life, accident, and disability insurance
- wellness programs
- paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
