* Primary Location: United States, Texas, Irving
* Education: Bachelor's Degree
* Job Function: Technology
* Schedule: Full-time
* Shift: Day Job
* Employee Status: Regular
* Travel Time: No
* Job ID: 19017019
Who are we?
Citi Technology Infrastructure (CTI) provides the products and services that enable Citi's workforce, along with the majority of the financial solutions that Citi's customers rely on. We provide the critical technical foundation for Citi's operations through the infrastructure that runs business and general user computing services. We do this by working as one-team to deliver high quality, reliable and modern infrastructure technologies at the right cost. We drive to optimize the functionality and capability of the infrastructure technologies.
The Advanced Cyber Defense (ACD) team is a group inside the Citi Security Operations Center (SOC). The ACD team focuses on advanced threat analysis, custom threat detection techniques, SOC process improvement, and assisting in new security tools and technology evaluation. ACD team members need experience in multiple security disciplines, including IDS signature creation, log analysis, malware analysis, and Linux/Unix command line and scripting. ACD team member duties include, but are not limited to, developing new processes and procedures to enhance SOC monitoring, analysis and escalation procedures; researching new areas of risk and exposure where the SOC should focus; participating in major security events as a Subject Matter Expert (SME); and providing guidance on SOC Tier 1 and SOC Tier 2 analysts' investigations and performing further analysis as needed.
* Enhance current deployment of commercial tools used by Security Operations Center.
* Develop new processes and procedures to enhance SOC monitoring, analysis and escalation procedures.
* Research and identify the new areas of risk and exposure where SOC should focus.
* Participate in major security events as subject matter expert.
* Participate in SOC internal projects such as SOC tools development, data analytics and SOC lab expansion.
* Provide guidance to SOC Tier 1 and SOC Tier 2 on investigations and further analysis as needed.
The candidate should have a Security Operations Center / Technical Cyber Intelligence analyst background. He/she should be able to perform the SOC analyst Tier 2 duties in addition to having the following experience and advanced threat analysis skills:
* Overall understanding of network and application analysis
* Malware Analysis
* Network security monitoring and intrusion detection
* Application Security Monitoring
* Programming and debugging
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Citigroup is a company providing financial products and services.