SOC Cyber Threat Senior Analyst & Assistant Vice President

The Security Operations Center (SOC) Cyber Threat Analyst will be part of the Global SOC Team. This center operates 24x7, follow-the-sun model to monitor, analyze and respond to cyber-attacks and information/data breaches. SOC Analysts are the critical first line of defense, in charge of monitoring Citi’s environment globally through state-of-the-art security detections tools, responding to security events and escalating security incidents that have potential impact to Citi.

• Analyze security events to identify potential threats and intrusions. Events include but not limited to Intrusion Detection/Prevention tools, anomaly detection systems, Firewalls, Antivirus and EDR systems, proxy devices, cloud security solution and data leakage prevention system.
• Assess and investigate potential security threats sourced from other channel leveraging variety of data and tools.
• Drive a continuous effort to improve SOC process. Execute adhoc tasks or small projects as needed.
• Undertake root cause analysis of events, perform risk assessment on threat or vulnerability and make recommendations to improve detection capability.
• Drive a continuous effort to review and fine tune detection rule/use case/signature to reduce unnecessary noise and increase alert fidelity.
• Handle threat incidents call like DDOS incidents, adhoc high severity cases including collaboration and escalation to other support groups.
• Participate in daily and adhoc conference calls, self-assessment processes and documentation related tasks.
• Stay updated with the latest cybersecurity trends, emerging threats and technologies.

• 4-8 years of relevant experience in Cyber.
• Proven influencing and relationship management skills.
• Understand the life cycle of network threats, web attacks, attack vectors, and methods of exploitation.
• Ability to conduct analysis utilizing network traffic (packet capture), web logs, endpoint logs and others to identify unusual behavior that may indicate malicious activity.
• Proven and strong analytical skills.
• Attentive to detail and possess a strong investigative mindset.
• A good team player, self-driven and able to act as individual contributor.
• Consistently demonstrates clear and concise written and verbal communication.
• Relevant cybersecurity certification is a bonus.
• Regular weekly work shift will include one of the weekends (e.g., Saturday, Sunday).

• Bachelor’s degree/University degree or equivalent experience.

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

#LI-Hybrid

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.