Citi Group SOC Analyst - Level C12 

United States, Texas, Irving 

893169825

The Role:

The SOC Analyst - Level 1 is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks.The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. The SOC Analyst - Level 1 is part of the SOC Team. The team monitors, analyzes and responds to cyber threats on a 24x7 basis.

Responsibilities

• Identify significant IS threats and vulnerabilities
• Follow Pre-defined actions to handle BAU and High severity issues including escalating to other support groups
• Execute daily ad-hoc tasks or lead small projects as needed
• Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics
• Perform assessments and provide troubleshooting to help isolate technical issues based on a dynamic threat landscape
• Participate in ad-hoc conference calls as needed to manage quality assurance and documentation related tasks
• Identify areas for tuning use cases to enhance monitoring value
• Engage with Fraud Policy, Operations, Strategy and other teams for early detection, prevention and mitigation of detected fraudulent activities
• Function as part of the Security Incident Response Team with incident investigations and aid in technical risk assessments
• Coordinate with system development and infrastructure units to identify Information Security (IS) risks and the appropriate controls for development, day-to-day operation, and emerging technologies
• Monitor vulnerability assessments and ethical hacks, ensuring that issues are addressed for the applications that they support
• Identify and develop new and improved technical procedures and process control manuals

Qualifications

• 3+ years' hands-on experience working in a SOC environment as it relates to the technologies and functions provided below
• Experience with SIEM tools like LogRythm, ArcSight, SumoLogic, Splunk, etc.
• Experience with EDR tools like SentinelOne, CrowdStrike, Microsoft Defender for Endpoint, etc.
• Experience working with Email Threat Protection tools such as Proofpoint, Ironscales, Darktrace, etc.
• Experience with Sandbox analysis tools (e.g., Datadog or comparable tools)
• Experience with PCAP analysis tools to determine malicious traffic
• Deep understanding of Intrusion Detection analysis (TCP/IP, packet level analysis) and Application Layer Protocols (HTTP)
• Advanced understanding of various operating systems (Windows/UNIX), and web technologies focused on Internet security
• Knowledge of current Cyber Fraud trends including common Account Takeover techniques and banking malware
• Knowledge of cutting-edge threats and technologies effecting Web Applications
• Knowledge of how Content Delivering Networks (CDN) work is a plus
• Understanding of or exposure to vulnerability assessment, penetration testing, or forensic analysis is a big plus
• Consistently demonstrates clear and concise written and verbal communication
• Proven influencing and relationship management skills
• Proven analytical skills

Education

• Bachelor’s degree/University degree or equivalent experience
• Certifications from EC-Council, GIAC, (ISC)² are preferred (e.g., CISSP, GCIA, CCNA)

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the