Citi Technology Infrastructure (CTI) provides the products and services that enable Citi's workforce, along with the majority of the financial solutions that Citi's customers rely on. We provide the critical technical foundation for Citi's operations through the infrastructure that runs business and general user computing services. We do this by working as one-team to deliver high quality, reliable and modern infrastructure technologies at the right cost. We drive to optimize the functionality and capability of the infrastructure technologies.
The Security Operations Center Information Security Analyst will be part of the SOC Team. This center monitors, analyses and responds to infrastructure threats and vulnerabilities on a 24x7 basis.
The analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices (ArcSight, Arbor PeakFlow, SourceFire, Palo Alto Networks, etc.) which requires demonstrable security incident response experience.
* Follow pre-defined actions to handle BAU and High severity issues including escalating to other support groups.. Execute daily adhoc tasks or lead small projects as needed. * Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics. * Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of Vulnerability & Threat Management process. * Perform assessment as well as troubleshooting and help isolate issues with IDS/IPS sensors, Antivirus servers, Vulnerability scanners. * Participate in daily and ad-hoc conference calls as well as compliance & controls, self-assessment processes and documentation related tasks.
4+ years working in the security & operations fields
* Bachelor's Degree or higher preferred. * Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security). * Ability to read and understand packet level data. Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, etc) * Knowledge of cutting edge threats and technologies effecting Web Application vulnerabilities and recent internet threats. * Exposure on Vulnerability assessment as well as penetration testing or forensic analysis fields are an advantage. * Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Citigroup is a company providing financial products and services.