Job Description

The Security Operations Center (SOC) Cyber Threat Analyst will be part of the Global SOC Team. This center operates 24x7, follow-the-sun model to monitor, analyze and respond to cyber attacks and information/data breaches. SOC Analysts are the critical first line of defense, in charge of monitoring Citi\xe2\x80\x99s environment globally through state-of-the-art security detections tools, responding to security events and escalating security incidents that have potential impact to Citi.Responsibilities:Perform security monitoring, assessment and analysis on events generated by Intrusion Detection/Prevention tools, anomaly detection systems, antivirus and EDR systems, email security gateway, proxy devices, cloud security solution, data leakage prevention system via SIEM which requires demonstrable security incident response experienceAssess and investigate potential security threats sourced from other channel leveraging variety of data and toolsDrive a continuous effort to improve SOC process. Execute adhoc tasks or small projects as needed.Undertakes root cause analysis of events, perform risk assessment on threat or vulnerability and make recommendations to improve detection capabilityDrive a continuous effort to review and fine tune detection rule/use case/signature to reduce unnecessary noise and increase alert fidelityHandle threat incidents calls like DDOS incidents, adhoc high severity cases including collaboration and escalation to other support groupsParticipate in daily and adhoc conference calls, self-assessment processes and documentation related tasksQualifications:4-8 years of relevant experience in CyberConsistently demonstrates clear and concise written and verbal communicationProven influencing and relationship management skillsUnderstand the life cycle of network threats, web attacks, attack vectors, and methods of exploitation.Ability to conduct analysis utilizing network traffic(packet capture), web logs, endpoint logs and others to identify unusual behavior that may indicate malicious activity.Proven and strong analytical skillsAttentive to detail and possess a strong investigative mindsetA good team player, self driven and able to act as individual contributorConsistently demonstrates clear and concise written and verbal communicationRelevant cyber security certification is a bonusEducation:Bachelor\xe2\x80\x99s degree/University degree or equivalent experienceThis job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.#LI-HybridRegular weekly work shift will include one of the weekends (e,g, Saturday, Sunday)Job Family Group: TechnologyJob Family: Information SecurityTime Type: Full timeCiti is an equal opportunity and affirmative action employer.Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.Citigroup Inc. and its subsidiaries ("Citi\xe2\x80\x9d) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review .View the " " poster. View the .View the .View the

Citigroup