The Citi Cyber Intelligence Center (CIC)
The Intelligence Senior Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.
The position is offered as a hybrid work role, which requires the analyst to be present in the Dublin office 3 days per week.
Responsibilities:
- Actively monitor and research cyber threats with a direct or indirect impact on Citi and examine associated tools, techniques, and procedures (TTP) to reconstruct attacker workflows.
- Produce quality, timely, and actionable alerts that drive decision making across the firm.
- Extensive knowledge of Indicators of Compromise (IOCs) and ability to conduct pivots via paid and open-source tooling.
- Map threats to the MITRE ATT&CK framework and communicate effective mitigation procedures where appropriate.
- Expand research and information scope using common enrichment platforms, including creating YARA rules for indicator pivoting and hunting.
- Produce actionable cyber threat intelligence products using a variety of internal and external sources that describe trends and shifts in the cyber threat landscape.
- Support CIC requests and investigations and interact with global Citi CIC and Citi Cyber Security Fusion Center staff members in a Follow-the-Sun model.
- Regularly provide intelligence briefs to technical, non-technical, and senior-level audiences.
Requirements:
- Has 1-3 years of experience working in a technical analysis function including but not limited to threat hunting, malware analysis, forensics, or incident response.
- Maintains technical proficiency in the use of tools, techniques, and countermeasures. Evaluates tools, services, and processes to enhance the team’s threat analysis capability.
- Ability to discern patterns of threat actor behavior at the technical level. Deep understanding of threat actor capabilities, motivations, and tool sets to assess risk.
- Experience with threat intelligence vendors and platforms.
- Maintains an understanding of the threat intelligence lifecycle.
- Must possess strong writing and critical thinking/analysis skills.
- Must be a self-starter, self-motivated and able to work independently with little oversight in a fast-paced, operationally focused environment.
- Bachelor’s degree/University degree or equivalent experience, preferably in one of the following areas: cybersecurity / information security / information technology / computer science
Preferred Qualifications:
- Has a minimum of 2+ years of experience working in a cyber threat intelligence related function (defense/law enforcement/private sector).
- Certifications, including CISSP, GIAC’s GREM, GCFA and/or GCTI.
- Graduate degree in one of the following areas: cybersecurity / information security / information technology / computer science.
- Previous work in financial industry.
- Basic knowledge of financial payment systems (example: SWIFT).
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Information Security
Time Type:
Full time