Security Operations Center (SOC) Cyber Security Fraud Manager (VP)

This position requires strong leadership and prior experience in operating a full-featured Security Operations Center (SOC) using a wide variety of security tools for monitoring a large-scale enterprise environment.

This role requires a highly motivated manager who possesses a strong leadership background and the ability to manage a diverse team of SOC L1 Analysts in a 24x7x365 SOC, responsible for ensuring the security of a large-scale network. This individual must be able to manage all activities of the SOC Cyber Fraud L1 Team and must be able to ensure that the Team is performing all required tasks in accordance with defined policies, standards, and security best practices.

This role requires the manager to provide appropriate updates to his/her management regarding security event handling, trends, analysis, incident response resolutions and lessons learned. In order to be considered as a successful candidate this person must be able to demonstrate the proper knowledge and leadership skill to support the role.

Most importantly this individual must have very good communication skills, including the ability to write and verbally articulate industry terminology to successfully brief management staff. To best perform this role the candidate will be required to stay up to date with current vulnerabilities, attacks, online banking frauds and countermeasures, along with staying current with all security related news and developments.

The ideal candidate will be a technically experienced and innovative security professional who has the ability and experience to lead a team of security professionals and execute broad security goals within a global team. Candidates should be experience coaching team members at all levels (analyst, team lead, manager).

Responsibilities:

• The analyst performs monitoring, research, assessment and analysis of Digital Fraud Attacks leveraging various Security Event Monitoring platforms including Web Threat Detection, Real Time Fraud Risk Assessment, Big Data and Digital Application Monitoring tools (ArcSight, Splunk, SAS, Teradata, and enterprise real time fraud detection tools.). Previous experience in cyber security operations or incident response is required.

• Follow Pre-defined actions to handle BAU and High severity issues including escalating to other support groups.

• Execute daily ad-hoc tasks or lead small projects as needed.

• Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics.

• Perform assessment as well as troubleshooting to help isolate technical issues with the integration of fraud monitoring technologies

• Participate in daily and ad-hoc conference calls to manage quality assurance and documentation related tasks.

• Identify areas for tuning use cases to enhance monitoring value.

• Engage with Fraud Policy, Operations, Strategy and other teams for early detection, prevention and mitigation of detected fraudulent activities.

Job Skills/Qualifications:

• 6+ years of experience working in the security & operations fields.

• 2-4 years of Team Lead/Managerial Experience

• Ability to communicate effectively both orally and in writing.

• Strong knowledge of current Cyber Fraud trends including common Account Takeover techniques and banking malware.

• Deep understanding of Intrusion Detection analysis (TCP/IP, packet level analysis) as well as Application Layer Protocols (HTTP). Advanced understanding of various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).

• Knowledge of cutting-edge threats and technologies affecting Web Applications.

• Experience with Big Data Technologies, ETL Tools, Data Warehouse and Business Intelligence technologies is preferred.

• Experience with any scripting language (Python, Perl, VBScript) is a plus.

• Experience with vulnerability assessment as well as penetration testing or forensic analysis fields is a plus

• Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA].

Education:

• Bachelor’s degree/University degree or equivalent experience

-------------------------------------------------

Job Family Group:

Technology

-------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting