Whether you're at the start of your career or looking to discover your next adventure, your story begins here. At Citi, you'll have the opportunity to expand your skills and make a difference at one of the world's most global banks. We're fully committed to supporting your growth and development from the start with extensive on-the-job training and exposure to senior leaders, as well as more traditional learning. You'll also have the chance to give back and make a positive impact where we live and work through volunteerism.

Shape your Career with Citi

Citibank serves as a trusted advisor to our retail, mortgage, small business and wealth management clients at every stage of their financial journey. Through Citi's Access Account, Basic Banking, Citi Priority, Citigold and Citigold Private Client, we offer an array of products, services and digital capabilities to clients across the full spectrum of consumer banking needs worldwide.

We're currently looking for a high caliber professional to join our team as Senior SOC Cyber Threat Analyst based in Singapore. Being part of our team means that we'll provide you with the resources to meet your unique needs, empower you to make healthy decision and manage your financial well-being to help plan for your future. For instance:

We are seeking a highly skilled and experienced Senior SOC Cyber Threat Analyst to join our Cyber Threat team in the Security Operations Center (SOC). The Global SOC operates in a 24x7, follow the sun model and is the firm's first line of defense against evolving cyber threats, ensuring the safety and integrity of our digital assets. This role requires an individual with deep understanding of SOC processes, incident response, reviewing content/use case and security automation. As a senior analyst, the role would require coaching junior analysts in SOC and provide critical support to the management in handling cyber security incidents.

Responsibilities:

• Analyze security events to identify potential threats and intrusions. Events include but not limited to Intrusion Detection/Prevention tools, anomaly detection systems, Firewalls, Antivirus and EDR systems, proxy devices, cloud security solution and data leakage prevention system.
• Act as a Level 2 escalation point for incident triage, investigation, and response.
• Perform a holistic use cases review and tuning to enhance monitoring value and efficiency.
• Develop and maintain advanced security monitoring content such as detection rules, correlation use cases, and security alerts.
• Implement and optimize security automation to improve process efficiency and response times.
• Lead incident response activities including root cause analysis, containment and remediation efforts.
• Collaborate with security infrastructure teams to ensure effective integration of security technologies with operational processes.
• Create and maintain comprehensive documentation for SOC procedures.
• Participate in/support cyber drill, regulatory, audit requests.
• Provide mentorship for junior analysts within the SOC team.
• Stay updated with the latest cybersecurity trends, emerging threats and technologies.

Qualifications and desired qualities:

• Bachelor's degree or higher, major in Cybersecurity is a plus.
• Certifications: GCIA, GCIH, CISSP, CISM, GSEC or similar certification preferable.
• Strong investigative and analytical mindset with attention to details.
• A good team player, self driven and able to act as individual contributor.
• Consistently demonstrates clear and concise written and verbal communication.
• Manage work relationship with peers and partners.

Work Experience:

• 8+ years of relevant experience in Cybersecurity operations.
• Security Operations Center experience required.
• Understand the life cycle of network threats, web attacks, attack vectors, methods of exploitation and aware of the evolving of cyber threat landscape.
• Ability to conduct analysis utilizing various logs to identify unusual behavior that may indicate malicious activity.
• Good understanding of computer networks, email flow, and operating system logs.
• Experience with automation and scripting. Preferably in Powershell/Python.
• Experience in XSOAR platforms.

How You'll Succeed

Be conscientious and consistent in identifying security vulnerabilities and working with the respective engineering teams and stakeholders to provide sound guidance and remediations. Be a team player, and a keen learner.

Working at Citi is far more than just a job. A career with us means joining a family of more than 230,000 dedicated people from around the globe. At Citi, you'll have the opportunity to grow your career, give back to your community and make a real impact.

Take the next step in your career, apply for this role at Citi today

https://jobs.citi.com/dei