Chief Cyber ​​Threat Intelligence Analyst, VP (C13) at Citi – 388 GREENWICH STREET – TOWER

About Citi:

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi offers consumers, corporations, governments and institutions a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services and asset management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in the best interests of our customers. As a financial institution that touches every region of the world and every sector that shapes your daily lives, our Enterprise Operations & Technology teams are charged with a mission that rivals any major technology company. Our technology solutions are at the heart of everything we do, from keeping the bank safe, managing global resources and providing the technical tools our employees need to succeed, to architecting our digital architecture and ensuring our platforms deliver a world-class customer experience. We are reimagining customer and partner experiences to deliver excellence through secure, reliable and efficient services.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit and ensure that opportunities for personal development are available to all. Ideal candidates are innovators with diverse backgrounds who bring their authentic selves to work and proudly complement our culture of delivering results. If you are a problem solver who seeks passion in your work, join us. Together, we enable growth and progress.

The role:

The Citi Cyber ​​Intelligence Center (CIC) is part of the Chief Information Security Office (CISO) and is responsible for analyzing cyber threat intelligence designed to increase Citi’s cyber threat awareness and defense levels by providing awareness, indications, alerts and operational readiness. The CIC protects the Citi brand, global operations, technology infrastructure and client trust from cyber threats worldwide. In support of this mission, the CIC Analysis Team is responsible for delivering a variety of cyber threat alerts, reports, briefings and other products and services to Citi stakeholders.

The team:

The CIC Technology Team focuses on all phases of the Threat Intelligence landscape, both operational and technical. This includes initial triage of paid and open source intelligence sources, enrichment of reporting to add more value to the intelligence communicated to our clients, and establishing technical rules (e.g. YARA) as a means to identify new and emerging threats. The team focuses on three main areas of intelligence: SOC (primarily IOC driven and technical understanding of actors, TTPs and malware), Third Party Compromise (primarily client and vendor driven with the potential impact to Citi of these compromises) and Vulnerability Assessments (discovery of new/emerging vulnerabilities and tracking of reported vulnerabilities for Proof-of-Concepts and in-the-wild exploitation).

Responsibilities

  • Actively monitor and investigate cyber threats that have a direct or indirect impact on Citi and examine associated tools, techniques and procedures (TTP) to reconstruct attacker workflows
  • Produce timely, high-quality, actionable alerts that drive decision-making across the enterprise
  • Analyze Indicators of Compromise (IOCs) and perform pivots via paid and open-source tools
  • Map threats to the MITRE ATT&CK framework and communicate effective mitigation procedures as needed
  • Expand the scope of research and information using common enrichment platforms, including establishing YARA rules for indicator rotation and hunting
  • Produce actionable cyber threat intelligence products using a variety of internal and external sources that describe trends and shifts in the cyber threat landscape
  • Evaluates tools, services and processes to improve the team’s threat analysis capabilities
  • Support Cyber ​​Intelligence Center (CIC) requests, investigations, and collaboration with global Citi CIC, Citi Fusion Center, SOC, and VA staff in a Follow-the-Sun model
  • Provide regular information letters to technical, non-technical and executive stakeholders

Qualifications

  • Minimum 5 years of experience in Cyber ​​Threat Intelligence is required
  • Hands-on experience and advanced knowledge of the Threat Intelligence Lifecycle, the MITRE ATT&CK framework, and Cyber ​​Threat Actor capabilities, motivations, and toolsets to assess risk
  • Ability to discern patterns in the behavior of threatening actors at a technical level
  • 3+ years of experience performing technical analysis including but not limited to threat hunting, malware analysis, forensics or incident response preferred
  • Strong technical proficiency in the use of tools, techniques and countermeasures
  • Experience analyzing information from threat intelligence vendors and platforms
  • Must possess strong written and oral communication skills
  • Ability to work independently with little supervision in a large, fast-paced, operationally focused environment
  • Previous experience in the financial sector is a plus
  • Basic knowledge of financial payment systems (e.g. SWIFT) is a plus

Education

  • Bachelor’s/university degree or equivalent experience, preferably in one of the following fields: cybersecurity, information security, information technology, computer science, etc.
  • One of these certifications is preferred: CISSP, GIAC’s GREM, GCFA and/or GCTI

This job description provides a high-level overview of the types of work performed. Other duties related to the position may be assigned as needed.

—————————– —-

Functional family group:

Technology

—————————– —-

Function family:

Information security

—————————– —-

Time type:

Full-time

—————————– —-

Primary location:

New York New York United States

—————————– —-

Salary range for a full-time position in the primary location:

$142,320.00 – $213,480.00

In addition to salary, Citi’s offerings may also include discretionary and formulaic incentive and retention awards for eligible employees. Citi offers competitive employee benefits, including: medical, dental and vision coverage; 401(k); life, accident and disability insurance; and wellness programs. Citi also offers paid time off packages, including scheduled leave (vacation), unscheduled leave (sick leave) and paid holidays. For more information about Citi employee benefits, visit citibenefits.com. Available offerings may vary by jurisdiction, job level and date of hire.

—————————– —-

Expected closing date for placement:

September 11, 2024

—————————– —-

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries (“Citi”) invite all qualified interested candidates to apply for career opportunities. If you are an individual with a disability and require a reasonable accommodation to use our search tools and/or apply for a career opportunity, please review Accessibility at Citi.

View the poster “EEO is the Law”. View the supplement EEO is the Law.

View the EEO Policy Statement.

View the Pay Transparency Posting

You May Also Like

More From Author