Why This Team
The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients, revenue, employees, and proprietary data. We manage information security as one end‑to‑end program – one with a clear mandate and accountability. Our mission is a program fully anchored to modern control and architectural frameworks, fully aligned with the enterprise architecture of the firm, and deeply integrated into the businesses and functions.
AI Security Specialist
AI models can now autonomously discover and exploit zero‑day vulnerabilities in production software — and we’re building the defensive capability to match. We’re hiring across four CISO teams working at the intersection of AI and cyber security.
What Makes This Different
* AI‑driven vulnerability management. When frontier models can generate thousands of findings in a weekend, the bottleneck shifts from discovery to triage, verification, and remediation. We’re building the pipeline that makes this sustainable.
* Security architecture for the AI era. Defining how a global bank deploys, monitors, and governs agentic AI – from standards and evaluation frameworks to production runtime monitoring.
* AI at scale, not in a lab. Citi has deployed AI tools to 180,000+ employees, equipped 30,000 developers with AI coding assistants, and is rolling out agentic AI capabilities firm‑wide. Securing that footprint and the platforms that underpin them is the job.
* Securing AI agents that can behave like insider threats. Frontier models can harvest credentials, escape sandboxes, and adapt when they detect monitoring. We’re designing the containment architectures and runtime controls to operate them safely at enterprise scale.
* Real security engineering. This isn’t a cyber seat where you’ll spend your time in administration. You will be expected to understand the code, the architecture, the threats, and find solutions. You’ll have the mandate and the backing to build something meaningful.
What You’ll Work On
* Offensive Security & Vulnerability Management — AI‑assisted pen testing at a scale previously impossible. Automated exploit validation. Bridge the gap from "AI found a vulnerability" to "the application team has a PR to fix it."
* AI & Emerging Technology Security — Define how the bank deploys AI safely. Security architecture and assurance for new implementations, plus building the next generation of AI‑powered tools for our CISO colleagues. Test new models at the cutting edge of creation and influence.
* Cyber Security AI Services — Own the AI products CISO depends on in production — security assurance, cyber security operations, governance and controls, vulnerability assessment. Keep them reliable, evolve them fast.
* Cyber Security Operations — Detection, triage, and response for a world where adversaries use AI to find and exploit vulnerabilities faster than traditional detection can keep up. Behavioral analytics for AI agents. Playbooks for AI‑originated attack scenarios.
What We’re Looking For
* AI/ML Engineering — Hands‑on LLM API experience (context management, tool use, evaluation, failure modes). Agentic systems design. AI safety at the infrastructure level, not just the prompt level.
* Cyber Security — Vulnerability research, exploit development, or pen testing with real depth. Detection engineering for novel attack patterns. Threat modelling (STRIDE, ATT&CK). Security architecture.
* Software Engineering — Built and operated production systems, not just prototypes. Strong Python and/or systems programming. Bonus if comfortable reading disassembly or tracing through kernel code.
* Research & Communication — Can digest dense technical research and turn it into actionable security recommendations. Published research, conference talks, or open‑source contributions.
* Mindset — Love to engineer solutions to problems versus purchasing tools, and see problems as opportunities.
* At any level: genuinely curious, comfortable with ambiguity, biased toward building, able to work across disciplines.
Levels
* Assistant Vice President (C12 Mid – Senior Level): 5‑7+ years. Own workstreams end‑to‑end with real autonomy.
* Vice President (C13 Senior – Lead/Staff Level): 8‑10+ years. Define technical approach, make architectural decisions, mentor others.
* Senior Vice President (C14 Lead/Staff – Principal Level): 10+ years. Set technical direction for a function and influence the firm’s approach to AI security.
Why Citi, Why Now
* Real and urgent. Not an innovation lab. The threats are active, the work ships into production, and it protects one of the world’s largest financial institutions.
* Technical teams. These are engineering‑led functions. Small teams, high autonomy, minimal governance overhead.
* Strong mandate. Executive sponsorship to move fast.
* Unique scope. Very few organizations operate at this intersection at this scale.
Education
* Bachelor’s degree/University degree or equivalent experience
* Master’s degree preferred
We Offer
* 27 days annual leave (plus bank holidays)
* Discretionary annual performance‑related bonus
* Private Medical Care & Life Insurance
* Employee Assistance Program
* Pension Plan
* Paid Parental Leave
* Special discounts for employees, family, and friends
* Access to an array of learning and development resources
Visit our Global Benefits page to learn more.
Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive.
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.
If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View Citi’s EEO Policy Statement and the Know Your Rights poster.
#J-18808-Ljbffr