Insider Threat Cyber Senior Analyst

Job Req ID: 25880438
Location(s): Budapest, Hungary
Job Type: Hybrid
Job Category: Technology

The Insider Threat Cyber Senior Analyst is responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

  • The Insider Threat Cyber Operations Team (ITCO) is a group inside the Citi Security Operations Center (SOC). The ITCO team focuses on insider threat detection and mitigation, advanced threat analysis, custom insider threat detection techniques, SOC process improvement, and assisting in the evaluation of new security tools and technology.

  • The analyst will perform monitoring, research, assessment and analysis on alerts from various security tools, including IDPS tools, SIEM, anomaly detection systems, firewalls, antivirus systems, user behavior analytics tools, endpoint inspection, and proxy devices (ArcSight, Arbor PeakFlow, Palo Alto Networks, etc.). This requires demonstrable security incident response and/or insider threat experience.

  • Design queries, visualizations, use cases and reports leveraging Splunk.

  • Recommend and review new use cases for insider threat monitoring.

  • Support the development and enhancement of SOC incident response capabilities.

  • Follow pre-defined actions to investigate possible security incidents or perform incident response actions, including escalating to other support groups.

  • Execute daily ad hoc tasks or lead projects as needed.

  • Participate in or lead daily and ad hoc conference calls; create, update or provide process documentation, or provide requested evidence for compliance and controls requests.


Qualifications:

  • 6-10 years of relevant experience

  • Bachelor’s degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience.

  • Fluency in English

  • Significant experience using Splunk Enterprise to create queries, visualizations, and other reporting functions to identify anomalous activity.

  • Excellent knowledge and previous experience with insider threat investigations, network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).

  • Ability to read and understand packet-level data; experience with intrusion detection and prevention systems, network security products (IDS/IPS, firewalls, etc.) and host security products (HIPS, AV, EDR, etc.).

  • Advanced proficiency with Microsoft Office tools and software

  • Very good analytical skills

What we can offer you:

By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:

  • Cafeteria Program

  • Home Office Allowance (for colleagues working in hybrid work models)

  • Paid Parental Leave Program (maternity and paternity leave)

  • Private Medical Care Program and onsite medical rooms at our offices

  • Pension Plan Contribution to voluntary pension fund

  • Group Life Insurance

  • Employee Assistance Program

  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed

  • Flexible work arrangements to support you in managing work-life balance

  • Career progression opportunities across geographies and business lines

  • Socially active employee communities with diverse networking opportunities

Alongside these benefits, Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.

Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.

------------------------------------------------------

Job Family Group:

Technology

------------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Most Relevant Skills

Please see the requirements listed above.

------------------------------------------------------

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.