* Primary Location: United States, New York, New York
* Education: Bachelor's Degree
* Job Function: Technology
* Schedule: Full-time
* Shift: Day Job
* Employee Status: Regular
* Travel Time: Yes, 10 % of the Time
* Job ID: 19031517
Citi's Cyber Intelligence Center is seeking an Operational Intelligence Analyst for its New York City office.
Operational Intelligence Analysts place individual cyber events into an adversary context - with the goal of bringing other operational teams to the right problems with the right details to influence adversary traversal of the kill chain. Analysts achieve this by:
1. Becoming subject matter experts on one or more of Citi's serious known adversaries, tracking them on a day-by-day basis, and escalating concerning developments as necessary.
2. Triaging tactical reporting to focus on serious threats and/or those likely to be perceived as such.
3. Producing near-term assessments that add important context and detail to serious threats.
This is a senior position, and the successful candidate will demonstrate the ability to triage cyber threats, exercise sound judgement in tight timeframes, and mentor junior analysts.
The Citi Cyber Intelligence Center (CIC) is part of the Global Information Security organization and is responsible for analyzing cyber threat information designed to increase Citi's cyber threat awareness and protection levels. By providing awareness, indications, warnings and operational readiness, the CIC protects the Citi brand, global business operations, technology infrastructure and client trust against cyber threats worldwide.
Ops Analysts are required to make sound decisions, to communicate them clearly and openly, and to produce quick-turnaround written analysis that is aware of the information limitations often seen at tempo, and sets out a strategy to pursue important missing details. Individual analysts will be tasked as both a 'subject matter expert' (SME) on an adversary of advanced concern, and with ad-hoc taskings determined by developing events.
Analysts are assessed for:
1. The rigor and self-sufficiency with which they track and escalate out of their SME area.
2. Their capacity to reliably deliver on short-suspend tasks in a way that:
a. Adheres to template, and more generally to intelligence community standards; and
b. Is appropriately caveated and/or aware of existing knowledge gaps; and
c. Expands knowledge on the threat in a way that is actionable by Citi teams; and
d. Is joined by a strategy to work through any important knowledge gaps.
3. The influence their work has on our operational partners, adjacent intel phases and leadership.
4. Their contribution to the expansion of coverage and process maturity for the team.
Key outputs may include:
* Written assessments and verbal briefings on emerging and constantly shifting cyber issues
* Development and tracking of SME adversaries, including baseline documentation, collections plans, and verbal briefings and operational assessments as required by events.
* Support for incident response internally, and at clients.
* Process documentation
* Bachelor's Degree (Information Security or Information Technology related field), or equivalent work experience.
* 5+ years of relevant work experience.
* Direct experience in related discipline desirable, e.g. intelligence officer or security researcher.
* Technical certificates desirable (e.g. CISSP, SANS)
* Russian, Ukrainian or Chinese-language skills desirable, but not required.
* Experience with high-tempo operational environments. Experience in roles requiring high standards of written and verbal communication. Team player. Flexible.
* Understands major cyber threat adversaries likely to impact banks. Understands the following concepts: confidence intervals, MITRE, kill chain, C2, passive DNS, traffic light protocol, MD5, collections bias, spear phishing, watering hole.
* Must be a self-starter, self-motivated and able to work independently with little oversight.
* Strong written and verbal communication and presentation skills.
* Ability to work within cross-functional and cross-business teams.
* Strong organizational skills.
* Strong analytical skills.
* Enjoys challenges and learning new, necessary information to better understand and identify threats.
* Ability to communicate effectively with all levels of senior management and peer team members
Citigroup is a company providing financial products and services.