Jobs
City logoCity

Digital Forensic Investigator (Hybrid)

The CSIS Lead Investigator is a strategic professional who stays abreast of developments within own field and contributes to directional strategy by considering their application in own job and the business. Recognized technical authority for an area within the business. Requires basic commercial awareness. There are typically multiple people within the business that provide the same level of subject matter expertise. Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers. Significant impact on the area through complex deliverables. Provides advice and counsel related to the technology or operations of the business. Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function/job family.Responsibilities:

  • An Investigator will be responsible for the coordination and investigation of high level fraud matters and/or network security incidents.
  • Conduct digital computer forensic investigations of Information and Network Security Incidents raised by cyber security units within the firm.
  • Conduct detailed analysis of incidents utilizing various digital forensic tools on computers, servers, and networks.
  • Conduct code analysis and knowledge of the software development lifecycle.
  • Collect and analyze digital forensic artifacts.
  • This role will utilize sophisticated expertise in investigative interviewing, fraud identification, loss prevention, network security, cyber enabled fraud, to identify fraud activities, schemes, trends and organized rings that create a risk to our firm, its employees, shareholders, systems, assets and clients.
  • Conduct proactive, complex, variable and high profile/sensitive investigations with the goal of developing cases to a successful conclusion and providing timely fraud preventive intelligence to business and functional partners.
  • Actively engage partners and management to ensure they are kept apprised of any significant changes during the progress of an investigation
  • Responsible for the recovery of losses through court ordered restitution, property or direct payment by suspects
  • Build external relationships with members of law enforcement, industry peers and other sources of support
  • Engage with internal and external suspects, witnesses and third parties through interview and interrogation, evidence collection and forensic examination
  • Represent Citi in criminal and civil court matters and have the ability to show knowledge and provide accurate and supportive testimony
  • Mentor and train junior staff members
  • Brief others on an ongoing investigations/investigative projects
  • Has the ability to operate with a limited level of direct supervision.
  • Can exercise independence of judgement and autonomy.
  • Acts as SME to senior stakeholders and /or other team members.
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

  • 6-10 years of experience
  • Knowledge of Network Forensic tools (Encase, FTK, etc.) and investigation techniques.
  • Strong background and understanding of Computer Science, Computer / Network Security, Information Security.
  • Strong understanding of Windows/Linux (server/desktop) operating systems, network components such as switches, routers, firewalls.
  • In-depth experience with digital artifact analysis, registry, event logs, and other log files.
  • In-depth knowledge of file systems.
  • Ability to conduct investigative interviews and recording techniques that tie the facts and evidence together.
  • Experience investigating complex and variable case(s) that has substantial impact.
  • Understanding of forensic and eDiscovery processes and procedures to include the collection, examination, and analysis of data while preserving integrity and maintaining a strict chain of custody.
  • Experience representing/testifying in criminal and civil court matters
  • Conveys mastery of investigative concepts
  • Demonstrated report writing that would present the case and evidences gathered in a cohesive and comprehensive manner
  • Knowledge of financial products, frauds and trends
  • Previous US Intelligence, military, law enforcement, law firm or government service background
  • Experience working in an in-house investigations team
  • Cybersecurity or IT certifications ( (GIAC, CISSP, CEH, CCNA, etc)
  • Proficiency in Microsoft Office products - Word, Excel, Outlook, PowerPoint, & SharePoint for compiling written reports and spreadsheets on an investigation
  • Flexibility to work on call off hours/weekends during critical project phases, if necessary

Education:

  • Bachelors degree, potentially Masters degree

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Experience Preferred

  • Graduate degree (US only)
  • Cybersecurity or IT certifications (GIAC, CISSP, CEH, CCNA, etc).
  • 7 Years experience as a Cyber Investigator for a local, state, or federal law enforcement, military, or intelligence agency and/or 5 – 7 years of experience as a Cyber Investigator with any major global firm.
  • Experience with Virtualization and cloud concepts.
  • Memory collection and analysis from various platforms.
  • Hands-on experience with a DFIR toolset and related scripting.
  • Hands-on work experience with Security Operations Center tools (SIEM, SOAR, EDR tools etc.), methods, and procedures.
  • Scripting/programming (Python, PowerShell etc.) knowledge.
  • Familiarity with Large Networks, including but not limited to IDS, Proxy, and DNS logs.
  • Proficiency in Microsoft Office products - Word, Excel, Outlook, PowerPoint, & SharePoint for compiling written reports and spreadsheets on an investigation
  • Experience representing/testifying in criminal and civil court matters.

-------------------------------------------------

Job Family Group:

Corporate Services

-------------------------------------------------

Job Family:

Investigations

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Primary Location:

New York New York United States

------------------------------------------------------

Primary Location Salary Range:

$125,540.00 - $188,310.00

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

Cyber Security Jobs by Category

Full Time jobsForensic jobsWindows jobs

Cyber Security Salaries

Full Time SalaryForensic SalaryWindows Salary