Citi Group AVP - Cyber Threat Senior Analyst Hybrid 

Singapore, Singapore 

981749521

The Security Operations Center (SOC) Cyber Threat Analyst will be part of the Global SOC Team. This center operates 24x7, follow-the-sun model to monitor, analyze and respond to cyber attacks and information/data breaches. SOC Analysts are the critical first line of defense, in charge of monitoring Citi’s environment globally through state-of-the-art security detections tools, responding to security events and escalating security incidents that have potential impact to Citi.Responsibilities:

• Perform security monitoring, assessment and analysis on events generated by Intrusion Detection/Prevention tools, anomaly detection systems, antivirus and EDR systems, email security gateway, proxy devices, cloud security solution, data leakage prevention system via SIEM which requires demonstrable security incident response experience

• Assess and investigate potential security threats sourced from other channel leveraging variety of data and tools

• Drive a continuous effort to improve SOC process. Execute adhoc tasks or small projects as needed.

• Undertakes root cause analysis of events, perform risk assessment on threat or vulnerability and make recommendations to improve detection capability

• Drive a continuous effort to review and fine tune detection rule/use case/signature to reduce unnecessary noise and increase alert fidelity

• Handle threat incidents calls like DDOS incidents, adhoc high severity cases including collaboration and escalation to other support groups

• Participate in daily and adhoc conference calls, self-assessment processes and documentation related tasks

Qualifications:

• 4-8 years of relevant experience in Cyber

• Consistently demonstrates clear and concise written and verbal communication

• Proven influencing and relationship management skills

• Understand the life cycle of network threats, web attacks, attack vectors, and methods of exploitation.

• Ability to conduct analysis utilizing network traffic(packet capture), web logs, endpoint logs and others to identify unusual behavior that may indicate malicious activity.

• Proven and strong analytical skills

• Attentive to detail and possess a strong investigative mindset

• A good team player, self driven and able to act as individual contributor

• Consistently demonstrates clear and concise written and verbal communication

• Relevant cyber security certification is a bonus

Education:

• Bachelor’s degree/University degree or equivalent experience

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Regular weekly work shift will include one of the weekends (e,g, Saturday, Sunday)

Time Type:

View the " " poster. View the .

View the .

View the