Lead Fraud SIEM Lead Content Developer is a senior lead level position critical to driving our proactive defense against fraud-related information/data breaches and cyber-attacks. This role is responsible for leading a team of Splunk ES content developers focused on building and maintaining a robust and effective fraud detection capability within our Security Operations Center (SOC).
Responsibilities
- Lead and mentor a team of Splunk ES developers, fostering a collaborative and high-performing environment
- Define and maintain the overall architecture and roadmap for Splunk ES content related to fraud detection, ensuring alignment with the SOC's strategic objectives
- Stay abreast of emerging fraud trends, attack vectors, and industry best practices to continuously enhance the team's detection capabilities
- Oversee the design, development, testing, and implementation of high-fidelity Splunk ES alerts and dashboards specifically tailored for fraud detection use cases
- Ensure content is well-documented, easily maintainable, and adheres to established coding standards and best practices
- Collaborate closely with SOC analysts to understand their operational workflows and tailor content to meet their investigative needs
- Partner with various internal teams (e.g., Applications Development, Threat Intelligence, and Incident Response) to integrate fraud detection capabilities into existing security processes
- Communicate effectively with both technical and non-technical stakeholders across different levels of the organization, providing regular updates on the team's progress and addressing any concerns
- Continuously evaluate and recommend new and emerging technologies that can enhance the team's ability to detect and respond to sophisticated fraud attempts
Qualifications
- 8+ years' experience performing Security Event monitoring and analysis, specifically around Fraud incident and event monitoring
- Strong understanding of fraud detection methodologies, techniques, and tools, with a focus on leveraging Splunk ES to its full potential
- Experience working in a financial services large-scale or enterprise environment
- Proven experience as a Security Architect or Application Architect with deep knowledge of security principles and best practices
- Extensive experience with Splunk ES, including content development, dashboarding, and alert creation
- Strong scripting skills (e.g., Python, PowerShell) for automating tasks and integrating with other security tools
- Demonstrated ability to lead and motivate technical teams, providing guidance, mentorship, and support
- Excellent communication skills, both written and verbal, with the ability to effectively convey complex technical information to diverse, technical and non-technical audiences
- Advanced analytical and problem-solving skills, with a proven ability to identify and troubleshoot complex technical issues
- Strong attention to detail and commitment to delivering high-quality work
Education
- Bachelor's degree/University degree in Computer Science, Information Security, or a related field, or equivalent experience.
- Relevant industry certifications (e.g., Splunk Certified Architect, CISSP, CISM) are highly preferred, or a willingness to obtain certification within the first 12-18 months of employment
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Information Security | Full time | Tampa Florida United States | $141,440.00 - $212,160.00
Anticipated Posting Close Date:
May 12, 2025