Tier 3 Security Incident Management
Citi's SIRT Incident Management Team is a global team that manages all information security incidents for Citigroup and its affiliates, with team members located globally. As a member of the Security Incident Management (SIM) Team, you will participate in overseeing the technical review of all SIRTs submitted globally, providing oversight of emergency response to security incidents to quickly identify, respond to, and mitigate the risk from security incidents that could impact Citi.
This position will be responsible for the below functions:
- Review and analyze Security Incidents to identify those that pose a significant risk to the Citi franchise and its affiliates, and escalate those Security Incidents in accordance with Citi policy and procedures.
- Review and verify the accuracy of the reported severity level of Security Incidents.
- Provide technical subject matter expertise, mitigating risk to impacted parties throughout an incident.
- Work with internal and external constituents to minimize risks associated with Security Incidents, including convening appropriate Subject Matter Experts to assist investigations and ensuring that all relevant facts related to the IS Incident are properly communicated.
- Assist with tracking and follow-up documentation related to an IS Incident, including Root Cause Analyses (RCAs), Lessons Learned and SIRT Remediation Plans throughout the incident lifecycle until closure.
- Ensure Audit, Compliance and Risk requests related to SIRT Incidents, along with Cyber Risks, are evaluated and actioned appropriately.
- Bachelor's degree or equivalent work experience.
- 3+ years working in a Security Incident Response role with experience in examining suspicious/malicious network events, analyzing malicious code/exploits, and system/network forensics.
- Extensive years working in IT/IT security, preferably a 24x7 operational environment, or educational equivalent.
- Experience within security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.
- Understanding of Networking Protocols and Infrastructure designs; including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network service and protocol considerations.
- Experience with Reverse Engineering malicious code and Web/Network Penetration Testing is a plus.
- Experience of OSINT gathering and knowledge of various technical and operational level Cyber programs such as CIC, VA, SOC and Insider Threat
- Experience and / or knowledge of scripting or programming is a plus.
- Experience administering and troubleshooting operating systems, including Solaris, Linux, and Microsoft Windows Server is a plus.
- Knowledge of Critical Security Controls and how they relate to common frameworks and standards.
- Experience of working with IS Audits along with a clear understanding of Cyber Risk as it pertains to the modern threat environment is considered a plus.
NON-TECHNICAL SKILLS REQUIRED:
- Excellent analytical ability, strong judgment and leadership skills, and the ability to work effectively with clients, IT management and staff.
- Ability to communicate technical issues to both technical and non-technical business representatives.
- Ability to understand strategic objectives and vision, and work towards those goals.
- Dedicated and self-driven desire to research the current Cyber Security Threat landscape.
- Strong customer and quality-focus is a must.
- Sound problem resolution, judgment, and decision-making skills required.
- Excellent organizational, interpersonal, and project management skills
- Excellent communication skills both written and oral
- Self-starter and ability to work in a team environment
- Hard working and self-motivated.
- Able to work effectively under pressure
Exceptional candidates who do not meet these criteria may be considered for the role provided they have the necessary skills and experience.
Grade: All Job Level - All Job Functions - SG
Time Type: Full time
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity CLICK HERE.