The Advanced Cyber Defense (ACD) team is a tactical team inside the Citi Security Operations Center (SOC). The ACD team focuses on advanced threat analysis, custom threat detection techniques, SOC process improvement, and assisting in new security tools and technology evaluation.
This position requires strong leadership, technical knowledge and prior management / team lead experience in a SOC using a wide variety of security tools for monitoring a large-scale enterprise environment.
This role requires a highly motivated manager who possesses a strong leadership background and the ability to manage a diverse team of Security Analysts and interact with other teams regularly. This individual must be able to engage as required (including holidays and weekends) to assemble his/her team to act as a tactical team at the time of a major incident.
This role requires the manager to provide appropriate updates to his/her management regarding security event handling, trends, analysis, incident response resolutions and lessons learned. In order to be considered as a successful candidate this person must be able to demonstrate the proper knowledge and leadership skills to support the role.
Most importantly, this individual must have very good communication skills, including the ability to write and verbally articulate industry terminology to successfully brief management staff. To best perform this role, the candidate must be up to date on current vulnerabilities, attacks, and countermeasures, along with all security-related news and developments.
The ideal candidate will be a technically experienced and innovative security professional who has the ability and experience to lead a team of security professionals and execute broad security goals within a global team.
High level responsibilities:
* Experience with the selection, implementation, and management of enterprise security technologies, including SIEM, anti-virus, EDR, DLP, IDS/IPS, vulnerability scanners, configuration management, and encryption
* Oversee implementation of new technologies within SOC and lead automation of monitoring administrative tools
* Experience with leading the development, implementation, and management of processes that ensure security countermeasures and monitoring are effective and sustained on all applicable systems.
* Experience with leading the development, implementation, and management of incident response plans and response activities.
* Work closely with Security Leadership to identify and implement process changes, improvements and efficiencies and ensure solid security practices.
* Candidate must be able to work quickly and accurately with minimal supervision.
* Lead the team by providing direction and guidance to team members in handling issues
* Candidate must be able to engage at any time to respond to an incident.
* Bachelor's degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience).
* 8+ years of network/security architecture or operations experience.
* Certifications: CISSP, CISM, GCIA, GWAPT, GCIH, GSEC, OSCP, OSCE, OSCP, or similar certification preferable
* Security Operations Center experience required
* Experience working with log management, security monitoring, vulnerability management and security incident/event management tools
* Proven leadership, communication, issue resolution and performance management skills
* Travel requirements ~25% that would include team offsite meetings, training and presentations
* Candidate should have strong communication skills and exhibit a professional demeanor.
* Ability and willingness to think outside of the box to find creative and innovative solutions to reduce costs with a minimal impact on reliability.
* Excellent project management skills, ability to work in a fast-paced and hectic work environment, ability to prioritize tasks effectively, and an ability to work seamlessly across organizational boundaries.
* Must be flexible in outlook and have a positive attitude under pressure/stress.
* Excellent presentation skills and ability to present to senior management.
* Excellent planning/time management skills.
* Excellent client-facing skills.
* Very good understanding of the compromises between reliability, efficiency and cost.
* Candidate should possess the following soft skills: Management, Leadership, Communications, Professionalism, Creativity, and Drive.
Citigroup is a company providing financial products and services.