AVP - Cyber Threat Senior Analyst (Hybrid)3 CHANGI BUSINESS PARK CRESCENT CHANGI BUSINESS PARK SINGAPORECiti is a leading global bank for institutions with cross-border needs, a global provider in wealth management and a U.S. personal bank.
The Security Operations Center (SOC) Cyber Threat Analyst will be part of the Global SOC Team. This center operates 24x7, follow-the-sun model to monitor, analyze and respond to cyber attacks and information/data breaches. SOC Analysts are the critical first line of defense, in charge of monitoring Citi's environment globally through state-of-the-art security detections tools, responding to security events and escalating security incidents that have potential impact to Citi.
Responsibilities:Analyze security events to identify potential threats and intrusions. Events include but are not limited to Intrusion Detection/Prevention tools, anomaly detection systems, Firewalls, Antivirus and EDR systems, proxy devices, cloud security solutions and data leakage prevention systems.Assess and investigate potential security threats sourced from other channels leveraging a variety of data and tools.Drive a continuous effort to improve SOC processes. Execute ad-hoc tasks or small projects as needed.Undertake root cause analysis of events, perform risk assessment on threats or vulnerabilities and make recommendations to improve detection capability.Drive a continuous effort to review and fine-tune detection rules/use cases/signatures to reduce unnecessary noise and increase alert fidelity.Handle threat incident calls like DDoS incidents, ad-hoc high severity cases including collaboration and escalation to other support groups.Participate in daily and ad-hoc conference calls, self-assessment processes and documentation related tasks.Stay updated with the latest cybersecurity trends, emerging threats and technologies. Qualifications:4-8 years of relevant experience in Cyber.Consistently demonstrates clear and concise written and verbal communication.Proven influencing and relationship management skills.Understand the life cycle of network threats, web attacks, attack vectors, and methods of exploitation.Ability to conduct analysis utilizing network traffic (packet capture), web logs, endpoint logs and others to identify unusual behavior that may indicate malicious activity.Proven and strong analytical skills.Attentive to detail and possess a strong investigative mindset.A good team player, self-driven and able to act as an individual contributor.Relevant cybersecurity certification is a bonus. Education:Bachelor's degree/University degree or equivalent experience.This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Regular weekly work shift will include one of the weekends (e.g., Saturday, Sunday).
Job Family Group: Technology
Job Family: Information Security
Time Type: Full time
Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#J-18808-Ljbffr