Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated people from around the globe. At Citi, you’ll have the opportunity to grow your career, give back to your community and make a real impact.
Job Overview
The Insider Threat Cyber Ops (ITCO) team sits in the SOC actively monitoring Citi's network against malicious attempts to harm the organization utilizing cybersecurity tools and trend analysis.
The SOC Insider Threat Hunter Operations Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.
Responsibilities:
- Monitor and analyze logs and alerts on a variety of different technologies across multiple platforms to identify security incidents
- Proactively hunt for insider threats utilizing large datasets, tools, and detections
- Continually assess and refine insider threat detections
- Execute analysis of email-based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures
- Utilize a variety of security tools and technologies to analyze potential threats to determine impact, scope, and recovery
- Leverage network security tools and capabilities to support Cyber Threat Monitoring activities
- Assist Security Incident Response Teams with incident investigations and aid in technical risk assessments
- Identify and develop new and improved technical procedures and process control manuals
- Identify significant IS threats and vulnerabilities
- Perform regular assessments based on changes in the threat landscape as needed
- Appropriately assess and prioritize risk
- Demonstrate appropriate consideration for the firm's reputation and safeguarding Citigroup, its clients, and assets by driving compliance with applicable laws, regulations, and Citi Policy
- Must have strong analytical and problem-solving skills to detect and respond to insider threats effectively
- Proficiency in cybersecurity tools and technologies, as well as knowledge of data loss prevention (DLP) and user behavior analytics (UBA) tools
- Maintaining a strong code of ethics and respecting privacy while investigating insider threat-related incidents is essential

Requirements:
- 3+ years' hands-on relevant experience
- Cybersecurity experience is an absolute requirement
- Experience working with DLP tools, UEBA, and SIEM technologies (i.e., Splunk, CrowdStrike)
- Strong proficiency with threat analysis tools
- Consistently demonstrates clear and concise written and verbal communication
- Strong working knowledge of Threat Monitoring Procedures
- Knowledge and exposure in creating use cases
- Direct experience working with large datasets
- Direct experience in threat hunting in a corporate environment
- Ability to work cohesively in a team setting with minimal supervision
- Proven analytical skills

Additional/Preferred Skills:
- Knowledge and exposure to SOAR technology
- Scripting/coding is a plus
- Previous experience as an insider threat analyst and/or threat hunter
- Certifications: CISA, CISSP, ITPM (Insider Threat Program Manager), SANS

What we can offer you:
By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:
- Cafeteria Program
- Home Office Allowance (for colleagues working in hybrid work models)
- Paid Parental Leave Program (maternity and paternity leave)
- Private Medical Care Program and onsite medical rooms at our offices
- Pension Plan Contribution to voluntary pension fund
- Group Life Insurance
- Employee Assistance Program
- Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
- Flexible work arrangements to support you in managing work-life balance
- Career progression opportunities across geographies and business lines
- Socially active employee communities with diverse networking opportunities

Alongside these benefits, Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.
Sounds like Citi has everything you need?
Then apply to discover the true extent of your capabilities.
------------------------------------------------------
Job Family Group: Technology
Job Family: Information Security
Time Type: Full time
Most Relevant Skills: Please see the requirements listed above.
Other Relevant Skills: For complementary skills, please see above and/or contact the recruiter.
------------------------------------------------------
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.
If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, review Accessibility at Citi.
View Citi’s EEO Policy Statement and the Know Your Rights poster.