Advanced Cyber Defense Specialist

Budapest, Hungary, Europe. April 2, 2025

The Advanced Cyber Defense (ACD) team is a group inside the Citi Security Operations Center (SOC).  The ACD is a full-time threat hunt team that focuses on advanced threat analysis, custom threat detection techniques, process improvement and evaluation of new security tools and technology.  ACD team members are subject matter experts in multiple cyber security disciplines including threat hunting, content creation, network and end-point log analysis, malware analysis, Windows/Linux/Unix command line and scripting. 

ACD team member duties include, but are not limited to, developing new SOC processes and procedures to enhance operations, researching emerging cyber security threats, participating and contributing as a Subject Matter Expert (SME) in major security events, and providing guidance to SOC Tier 1 and SOC Tier 2 analysts. Qualified candidates should have strong analytical skills, a proven network security background with knowledge of associated tools, and the ability to conduct analysis against samples of malicious files in a lab environment.

Principal Responsibilities:

Projects:

  • Conduct research on new technology offerings and determine applicability in Citibank’s SOC.
  • Evaluate and advise on the implementation and effectiveness of the cybersecurity safeguards to ensure that they provide the intended level of protection.
  • Develop new tools, processes and procedures to enhance SOC monitoring and analysis capabilities

Process Improvement:

  • Perform risk assessments and threat modelling to identify gaps in SOC monitoring capabilities and devise strategies to minimize the risk
  • Conduct online research of the latest cyber threats and ensure those can be detected by existing in-house technologies

Automation:

  • Identify redundant tasks and automate them to increase efficiency of the SOC team
  • Utilize SOAR to develop playbooks for automating complex use cases

Requirements:

The ideal candidate should have Security Operations Center / Threat Hunt / Incident Response experience.

They should be able to perform SOC analyst Tier 3 duties, in addition to having the following experience and advanced threat analysis skills:

  • 8+ years working in the security & operations fields
  • Bachelor's Degree or higher preferred
  • Possess strong fundamental knowledge of network (TCP/IP) and operating system (Windows/Linux)
  • Hands-on experience with cyber security solutions: SIEM, AV, NIDS, EDR, etc.
  • Ability to investigate network traffic, read and interpret logs and packet captures
  • Ability to investigate email threats: email sample analysis, handling phishing campaigns
  • Experience in web/shell programming and debugging code
  • Experience in cloud computing and security controls
  • Familiar with malware and memory analysis techniques
  • Critical thinking and analytical skills
  • Good written and oral communication skills
  • Leadership skills that support self-engagement, individual development and uphold the team’s mission

Benefits

  • Competitive compensation package with added benefits:
    • Private Medical Care Program and onsite medical rooms in our building
    • Company laptop
    • Pension Plan Contribution to Voluntary Pension Fund
    • Group Life Insurance
    • Parental Leave Program
  • Flexible work arrangements in an organization that acknowledges life-work balance
  • Career management and mentoring by senior colleagues and leaders
  • Inclusive and friendly corporate culture where gender diversity and equality are widely recognized
  • A socially active team and communities with diverse networking opportunities

Your journey at Citi begins here – apply now!

-------------------------------------------------

Job Family Group:

Technology

-------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, review Accessibility at Citi.
