Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

Citi Group Senior SOC Cyber Threat Analyst VP / Hybrid 
Singapore, Singapore 
396546647

22.11.2024

We are seeking a highly skilled and experienced Senior SOC Analyst to join our Cyber Threat team in the Security Operations Center (SOC). The Global SOC operates in a 24x7, follow the sun model and is the firm's first line of defense against evolving cyber threats, ensuring the safety and integrity of our digital assets. This role requires an individual with deep understanding of SOC processes, incident response, reviewing content/use case and security automation. As a senior analyst, the role would require coaching junior analysts in SOC and provide critical support to the management in handling cyber security incidents.Responsibilities:

  • Analyze security events to identify potential threats and intrusions. Events include but not limited to Intrusion Detection/Prevention tools, anomaly detection systems, Firewalls, Antivirus and EDR systems, proxy devices, cloud security solution and data leakage prevention system.

  • Act as a Level 2 escalation point for incident triage, investigation, and response.

  • Perform a holistic use cases review and tuning to enhance monitoring value and efficiency.

  • Develop and maintain advanced security monitoring content such as detection rules, correlation use cases, and security alerts.

  • Implement and optimize security automation to improve process efficiency and response times.

  • Lead incident response activities including root cause analysis, containment and remediation efforts.

  • Collaborate with security infrastructure teams to ensure effective integration of security technologies with operational processes.

  • Create and maintain comprehensive documentation for SOC procedures.

  • Participate in/support cyber drill, regulatory, audit requests.

  • Provide mentorship for junior analysts within the SOC team.

  • Stay updated with the latest cybersecurity trends, emerging threats and technologies.

The above serves as a basis for understanding the type of work performed. Ad-hoc duties may be assigned as required.

Qualifications and desired qualities:

  • Bachelor’s degree or higher, major in Cybersecurity is a plus.

  • Certifications: GCIA, GCIH, CISSP, CISM, GSEC or similar certification preferable.

  • Strong investigative and analytical mindset with attention to details.

  • A good team player, self driven and able to act as individual contributor.

  • Consistently demonstrates clear and concise written and verbal communication.

  • Manage work relationship with peers and partners.


Work Experience:

  • 8+ years of relevant experience in Cybersecurity operations.

  • Security Operations Center experience required.

  • Understand the life cycle of network threats, web attacks, attack vectors, methods of exploitation and aware of the evolving of cyber threat landscape.

  • Ability to conduct analysis utilizing various logs to identify unusual behavior that may indicate malicious activity.

  • Good understanding of computer networks, email flow, and operating system logs.

  • Experience with automation and scripting. Preferably in Powershell/Python.

  • Experience in XSOAR platforms.

Information Security


Time Type:

Full time

View the " " poster. View the .

View the .

View the