Cyber Security Analytics Content Developer

The primary responsibility of the Cyber Security Analytics Content Developer will be on the content development based on business requirements from Citi’s internal Security domains. This includes, but not limited to, design and develop content to be deployed in Splunk and/or ArcSight (deploy dashboards, reports, create alerts and product integration). This person must understand the high level principles around software development lifecycle and must be able to capture and articulate requirements and progress clearly. This is technical position that requires deep knowledge of security/network tools, insider threat and Big Data tools.

Experience Required:

• Must have strong and proven ArcSight and Splunk development skills

• Must understand Linux to be able to troubleshoot and support our internal applications

• Scripting on Bash and Python are a plus.

• Be able to write and troubleshoot complex Regular Expressions (Regex).

• Experience building Splunk applications General Knowledge on SIEM solutions/applications (ArcSight, Splunk ES)

• Splunk development certification is required

• CISSP certification is a plus

• Must be a self-starter and be able to manage their time against deliverables

• Proficient with Microsoft Office products including Visio, Word and Excel Advanced written and verbal communication skills

Job Summary: The candidate will be responsible to design, develop and support solutions that better align to Security Operations Center, Fusion Center, Intelligence Center, etc. The candidate primary focus will be content development for the applications in scope of the domain. This is a technical role that requires knowledge on network protocols, Operating Systems (Linux), scripting (SPL), big data platforms, UI visualizations.

Job Description: The candidate's primary responsibility will be on the content development based on business requirements from Citi’s internal Security domains. This includes, but not limited to, design and develop content to be deployed in Splunk and/or ArcSight (deploy dashboards, reports, create alerts and product integration). This person must understand the high level principles around software development lifecycle and must be able to capture and articulate requirements and progress clearly. This is technical position that requires deep knowledge of security/network tools, insider threat and Big Data tools.

Job Skills/Qualifications:

• Must have strong and proven ArcSight and Splunk development skills
• Must understand Linux to be able to troubleshoot and support our internal applications
• Scripting on Bash and Python are a plus.
• Be able to write and troubleshoot complex Regular Expressions (Regex).
• Experience building Splunk applications General Knowledge on SIEM solutions/applications (ArcSight, Splunk ES)
• Splunk development certification is required
• CISSP certification is a plus
• Must be a self-starter and be able to manage their time against deliverables
• Proficient with Microsoft Office products including Visio, Word and Excel Advanced written and verbal communication skills

-------------------------------------------------

Job Family Group:

Technology

-------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting