Application Security Automation Engineer

Employment Type

: Full-Time


: Engineering

The Application Security Automation Engineer provides automation services within Vulnerability Assessments (VA) to enhance internal security tooling. The candidate will primarily be working on creating enterprise level solutions that help streamline end-to-end processes for vulnerability identification, reporting and remediation by automating repetitive tasks. The enhancements introduced by the engineer in this role will instantly benefit internal Citi businesses and security testing teams. This role requires candidate to have strong development background and awareness in application security. The candidate needs to be a problem solver, analytical thinker, team player, and an effective communicator who is able to bridge business, technology, and security requirements.


  • Develop extensions to well-known security tools such as AppScan, Burp, Checkmarx, Qualys, and Archer by leveraging available API services. This requires development experience in various languages such as .NET, Java and Python.
  • Understand client requirements and support existing applications to reprogram,

    update, and add new features.

  • Write high quality source code in a fast-paced environment with minimal directions.
  • Create technical documents and user manuals for all applications.
  • Troubleshoot problems or defects within each solution and drive issues to resolution.
  • Conduct functional and non-functional testing.
  • Develop secure applications using modern frameworks and programming techniques to ensure that feature requests and functionalities are completed in a timely manner.
  • Identify key areas of automation within Vulnerability Assessment services and integrate them into existing automated tools ensuring consistent results are obtained.
  • Perform application security testing on various types of applications such as web, APIs (REST/SOAP/Micro services), thick clients, mobile, etc., inclusive of the supporting infrastructure components.
  • Qualifications:

  • Bachelor’s degree in Computer Science, Information Systems Management, or related field preferred.
  • At least 3-7 years of experience in development using programming languages such as Java, .NET, Python, JavaScript.
  • Experience with Spring Framework, Apache Struts, SOAP web services, RESTful API’s, Spring Boot, Spring Cloud.
  • Analytical thinking and problem-solving capabilities.
  • Experience with CI/CD tools and test automation using Selenium or similar.
  • Having a good understanding of security vulnerabilities of web-based, mobile and desktop applications is required.
  • Excellent communication skills (written and verbal) and the ability to communicate with all levels of staff and management are also essential.
  • -------------------------------------------------

    Grade :All Job Level - All Job FunctionsAll Job Level - All Job Functions - US


    * The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

    Launch your career - Create your profile now!

    Create your Profile

    Loading some great jobs for you...