Citi Group Senior SOC Analyst – Level VP C13 

United States, Texas, Irving 

498392730

The Role:

Theis responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. This role is part of the SOC Team responsible for peer reviewing Level 1 work and escalating cyber threats to other SOC Teams on abasis.

Responsibilities

• Identify significant IS threats and vulnerabilities
• Follow Pre-defined actions to handle BAU and High severity issues including escalating to other support groups
• Execute daily ad-hoc tasks or lead small projects as needed
• Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics
• Perform assessments and provide troubleshooting to help isolate technical issues based on a dynamic threat landscape
• Participate in ad-hoc conference calls as needed to manage quality assurance and documentation related tasks
• Identify areas for tuning use cases to enhance monitoring value
• Engage with Fraud Policy, Operations, Strategy and other teams for early detection, prevention and mitigation of detected fraudulent activities
• Function as part of the Security Incident Response Team with incident investigations and aid in technical risk assessments
• Coordinate with system development and infrastructure units to identify Information Security (IS) risks and the appropriate controls for development, day-to-day operation, and emerging technologies
• Monitor vulnerability assessments and ethical hacks, ensuring that issues are addressed for the applications that they support
• Identify and develop new and improved technical procedures and process control manuals

Qualifications

• 6+ years' hands-on experience working in a SOC environment as it relates to the technologies and functions provided below
• Experience with SIEM tools like LogRythm, ArcSight, SumoLogic, Splunk, etc.
• Experience with EDR tools like SentinelOne, CrowdStrike, Microsoft Defender for Endpoint, etc.
• Experience working with Email Threat Protection tools such as Proofpoint, Ironscales, Darktrace, etc.
• Experience with Sandbox analysis tools (e.g., Datadog or comparable tools)
• Experience with PCAP analysis tools to determine malicious traffic
• Deep understanding of Intrusion Detection analysis (TCP/IP, packet level analysis) and Application Layer Protocols (HTTP)
• Advanced understanding of various operating systems (Windows/UNIX), and web technologies focused on Internet security
• Knowledge of current Cyber Fraud trends including common Account Takeover techniques and banking malware
• Knowledge of cutting-edge threats and technologies effecting Web Applications
• Knowledge of how Content Delivering Networks (CDN) work is a plus
• Understanding of or exposure to vulnerability assessment, penetration testing, or forensic analysis is a big plus
• Consistently demonstrates clear and concise written and verbal communication
• Proven influencing and relationship management skills
• Proven analytical skills

Education

• Bachelor’s degree/University degree or equivalent experience
• Certifications from EC-Council, GIAC, (ISC)² are preferred (e.g., CISSP, GCIA, CCNA)

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the