Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead application security initiatives and collaborate with diverse teams to enhance software security.
- Company: Join Citi, a global leader in finance with a commitment to innovation and community impact.
- Benefits: Enjoy competitive salary, 27 days leave, private medical care, and flexible hybrid work options.
- Why this job: Make a real impact on global finance while growing your career in a supportive environment.
- Qualifications: Bachelor's degree with 4-6 years in web development and strong knowledge of application security.
- Other info: Be part of a diverse team that values your unique contributions and fosters continuous learning.
The predicted salary is between 48000 - 72000 £ per year.
Discover your future at Citi
Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated people from around the globe. At Citi, you\’ll have the opportunity to grow your career, give back to your community and make a real impact.
Job Overview
Discover your future at Citi
Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated people from around the globe. At Citi, you\’ll have the opportunity to grow your career, give back to your community and make a real impact.
Job Overview
Engineer the future of global finance. At Citi, our Tech team doesn\’t just support finance – we are helping to redefine it. Every day, $5 trillion crosses through our network. We do business in 180+ countries operating at a scale few can match. From deploying advanced AI to helping shape global markets, we build systems that matter. Look to join a team where your work helps influence economies, your ideas can drive innovation and outcomes, and your growth is backed by mentorship, continuous learning and flexibility with potential hybrid work opportunities. Help solve real-world challenges that touch millions and get the opportunity to build the future of finance with Citi Tech.
Description:
The position is a cross-functional role that will be responsible for various Application Security program initiatives. The position reports directly to the Application Security Program Director. The successful candidate must be an individual who understands modern software development trends, understands engineering-led software security practices, and keeps up with the evolving cyber security threat landscape.
Key Responsibilities:
The candidate will be responsible for the aspects of the Application Security Program initiatives including but not limited to the following:
- Establish/manage multiple security programs that support the security testing requirements at the bank
- Forging and maintaining strong working relationships with development functions/teams, product delivery teams, project management, third party management, enterprise architecture, audit teams, etc.
- Participate in security and technology strategic planning to ensure identified risk governance is incorporated into the CISO enterprise strategy.
- In partnership with business sectors, run delegate action groups to provide recommendations to strengthen development processes and security testing
- Appropriately assess risk and provide software security advice when business decisions are made
- Interface with Application Security Program Team to oversee Program Projects and Initiatives and make strategic recommendations to senior manager on standards and policy changes
Qualifications
- Experience or deep knowledge of key activities within software security group such Threat Modeling / Application Risk Assessment, Vulnerability Assessments, Governance and Metrics, Training, etc.
- Pre-requisites for this position are a Bachelor\’s Degree with 4 – 6 years\’ experience in web application development or application code review
- Experience must include experience as a technical lead or manager
- Knowledge of cloud computing concepts and DevOps tools (OpenShift, Kubernetes, Docker, Chef, etc)
- Experience using or testing cloud platforms (AWS, Google, Azure, etc) and security in/of the cloud
- Understanding of security, web-based and infrastructure vulnerabilities is required
- Experience in source code management, build and deployment technologies such as RLM, Ueploy, Jenkins, Artifactory, Maven, GitHub, etc
- Experience conducting vulnerability assessments and articulating security issues to technical and non-technical audience.
- Understanding of Snyk, Checkmarx, CDXGen, Dependency Track, Fortify, GitHub Adcance Security, Sonatype or Black Duck platform is a plus.
- Knowledge of tools and processes used to expose common vulnerabilities and implement countermeasures is expected.
- Excellent communication skills (written and verbal) and the ability to communicate with all levels of staff and management are also essential.
- Demonstrated knowledge of recognized security industry standards and leading practices (e.g., FFIEC, NIST, C2M2, ISO)
- Relevant professional certifications: GIAC, CISA, CISM, CRISC, CISSP or equivalent desiredEffective strategic planning and execution abilities with exceptional planning, organizaDemonstratvanced and functional understanding of Security industry operations, technologies and sses.
Education:
- Bachelor\’s degree/University degree or equivalent experience
- Master\’s degree preferred
What we\’ll provide you
By joining Citi London, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as:
- 27 days annual leave (plus bank holidays)
- A discretional annual performance related bonus
- Private Medical Care & Life Insurance
- Employee Assistance Program
- Pension Plan
- Paid Parental Leave
- Special discounts for employees, family, and friends
- Access to an array of learning and development resources
Visit our Global Benefits page to learn more.
Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive.
LI-MR
–
Job Family Group:
Technology
–
Job Family:
Information Security
–
Time Type:
Full time
–
Most Relevant Skills
Please see the requirements listed above.
–
Other Relevant Skills
For complementary skills, please see above and/or contact the recruiter.
–
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.
If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View Citi\’s EEO Policy Statement and the Know Your Rights poster.
Application Security Technical Lead employer: Citi
Contact Detail:
Citi Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Application Security Technical Lead
✨Network Like a Pro
Get out there and connect with people in the industry! Attend meetups, webinars, or even just grab a coffee with someone who works at Citi. Building relationships can open doors that a CV just can't.
✨Show Off Your Skills
When you get the chance to chat with recruiters or during interviews, make sure to highlight your hands-on experience with application security tools and practices. Share specific examples of how you've tackled security challenges in past roles.
✨Research, Research, Research
Before any interview, dive deep into Citi's values, recent projects, and their approach to application security. This will not only impress your interviewers but also help you tailor your answers to align with their goals.
✨Apply Through Our Website
Don't forget to apply directly through the Citi careers page! It shows you're genuinely interested and gives you a better chance of being noticed by the hiring team. Plus, it’s super easy to navigate!
We think you need these skills to ace Application Security Technical Lead
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Application Security Technical Lead role. Highlight your experience with software security practices and any relevant projects you've worked on. We want to see how your skills align with what we're looking for!
Showcase Your Technical Skills: Don’t hold back on showcasing your technical expertise! Mention your experience with cloud platforms, DevOps tools, and any vulnerability assessments you've conducted. This is your chance to shine and show us you know your stuff!
Communicate Clearly: Since excellent communication skills are essential for this role, make sure your application reflects that. Use clear and concise language, and don’t forget to proofread for any typos or errors. We appreciate attention to detail!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, it shows us you're proactive and keen to join our team at Citi!
How to prepare for a job interview at Citi
✨Know Your Stuff
Make sure you brush up on your knowledge of application security practices and modern software development trends. Be ready to discuss specific tools and methodologies you've used, like threat modelling or vulnerability assessments, as this will show you're not just familiar with the concepts but have practical experience.
✨Build Relationships
Since the role involves forging strong working relationships with various teams, think about how you can demonstrate your interpersonal skills. Prepare examples of how you've successfully collaborated with development teams or project managers in the past, as this will highlight your ability to work cross-functionally.
✨Communicate Clearly
You’ll need to articulate complex security issues to both technical and non-technical audiences. Practice explaining some of your past projects or challenges in simple terms, so you can showcase your communication skills during the interview. Remember, clarity is key!
✨Stay Current
The cyber security landscape is always evolving, so be prepared to discuss recent trends or threats you've noticed. This shows that you're proactive and engaged in your field. Consider mentioning any relevant certifications or training you've pursued to keep your skills sharp.
