Citi Group Insider Threat Lead Analyst Hybrid 

United States, Florida, Jacksonville 

441168502

• I enjoy working in a creative and high-paced environment where no two days are the same
• I am self-aware and use this ability to stay flexible and direct my behavior positively
• I enjoy being part of a diverse, multicultural, and globally dispersed team
• I communicate openly with others, share my ideas constructively, and listen actively
• I value being surrounded by talented, committed, and supportive colleagues
• I want my work to be meaningful and impactful
• I like to solve problems collaboratively, to be challenged intellectually, and want to take charge of my own career
• I embrace change with agility and a positive attitude
  

• Collect Insider Threat intelligence from various sources relevant to the firm and the industry to conduct risk assessments.
• Analyze the insider risks and potential impact of an incident and make recommendations on controls and mitigation.
• Develop and lead training engagements based on identified internal and external Insider Threat trends, activities and methodologies.
• Brief findings from Insider Threat cases to improve behavioral baselines, update network analysis, and improve indicators to identify future threats.
• Assist with consultation engagements across CSIS investigations.
• Develop leads through engagements with global and regional partners.
• Update workflows and process to ensure alignment with CSIS investigation programs.
• Gather both technical and non-technical data, analyze information and draw conclusions supported by facts, and develop written reports of findings.
• Identify and incorporate technologies able to facilitate incident management and referrals.
• Create presentations and brief senior managers.
• Liaison with a broad network of partners and peer institution levels to develop best practices.
• Knowledge of a second language is plus.
• Create, develop, and update charter, runbooks, playbooks, workflows, processes, procedures, and other documentation as needed.
• Help track and manage metrics (KPIs/KRIs) to ensure the advancement of the program.
• Other duties as assigned.

• Minimum of 7 years of combined experience in Insider Threat, Counterintelligence, or Intelligence.
• Experience in analyzing and investigating insider threat incidents, identifying risks, and recommending controls.
• Familiarity of corporate insider threat tactics, techniques, and procedures.
• Familiarity with the Intelligence cycle.
• Proven track record of a taking a mitigation approach to detect and identify, assess, and manage an insider threat program or similar activity.
• Broad knowledge of business processes including business operations, information technology, security, fraud and misconduct investigations, and intelligence production.
• Experience in creating standard operating procedures, guidelines, processes, and intelligence product lines.
• Experience coordinating several projects simultaneously and oversee the execution of daily duties with minimal supervision.
• Strong organizational and facilitation skills.
• Experience in policy development, implementation, and training.
• Experience with enterprise level software tools to analyze large data sets and system logs.
• Experience with host-based insider threat detection tools and advanced analytic methodologies.
• Experience in advising senior management.
• Experience in working with Insider Threat regulations and information security reports.
• Proven track record of strategic thinking and finding business focused compliance solutions.
• Experience with enterprise level software tools to analyze large data sets and system logs (i.e. Splunk Microsoft Purview).
• Experience with host-based insider threat detection tools and advanced analytic methodologies (i.e. DTEX, Symantec DLP).

• Minimum BA, preferred, post graduate degrees welcomed
• Demonstrated self-starter and resourceful individual, with experience of operating in fast paced and dynamic operational settings.
• Broad professional experience, including prior international work experience/travel or experience working as part of a globally dispersed team an advantage.
• Excellent communication and presentation skills. Ability to effectively communicate, both orally and in writing, through all levels of the organization.
• Self-motivated with the ability and maturity to make decisions in the absence of detailed instructions.
• Ability to identify risk, notify stakeholders, and inform leadership of the risk posed along with courses of action.
• Ability to maintain client relationships to exceed client satisfaction related to CSIS Insider Threat services and products.
• Process oriented and able to develop and describe process to a broad audience of varied backgrounds.

• Insider Threat Program Manager certificate a plus.
• Some corporate experience a plus.

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the