The Security Operations Center (SOC) Cyber Threat Analyst will be part of the Global SOC Team. This center operates 24x7, follow-the-sun model to monitor, analyze and respond to cyber-attacks and information/data breaches. SOC Analysts are the critical first line of defense, in charge of monitoring Citi’s environment globally through state-of-the-art security detections tools, responding to security events and escalating security incidents that have potential impact to Citi.

Responsibilities:

• Analyze security events to identify potential threats and intrusions. Events include but not limited to Intrusion Detection/Prevention tools, anomaly detection systems, Firewalls, Antivirus and EDR systems, proxy devices, cloud security solution and data leakage prevention system.

• Assess and investigate potential security threats sourced from other channel leveraging variety of data and tools

• Drive a continuous effort to improve SOC process. Execute adhoc tasks or small projects as needed.

• Undertakes root cause analysis of events, perform risk assessment on threat or vulnerability and make recommendations to improve detection capability

• Drive a continuous effort to review and fine tune detection rule/use case/signature to reduce unnecessary noise and increase alert fidelity

• Handle threat incidents call like DDOS incidents, adhoc high severity cases including collaboration and escalation to other support groups

• Participate in daily and adhoc conference calls, self-assessment processes and documentation related tasks.

• Stay updated with the latest cybersecurity trends, emerging threats and technologies.

Qualifications:

• 4-8 years of relevant experience in Cyber

• Proven influencing and relationship management skills

• Understand the life cycle of network threats, web attacks, attack vectors, and methods of exploitation.

• Ability to conduct analysis utilizing network traffic (packet capture), web logs, endpoint logs and others to identify unusual behavior that may indicate malicious activity.

• Proven and strong analytical skills

• Attentive to detail and possess a strong investigative mindset

• A good team player, self-driven and able to act as individual contributor

• Consistently demonstrates clear and concise written and verbal communication

• Relevant cyber security certification is a bonus

• Regular weekly work shift will include one of the weekends (e,g, Saturday, Sunday)

Education:

• Bachelor’s degree/University degree or equivalent experience

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

#LI-Hybrid

Regular weekly work shift will include one of the weekends (e,g, Saturday, Sunday)

------------------------------------------------------

Job Family Group:

Technology

------------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Most Relevant Skills

Please see the requirements listed above.

------------------------------------------------------

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

 

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.