Cyber Fraud SOC Analyst, AVP

About the position

The Cyber Fraud SOC Analyst, AVP is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. The analyst performs monitoring, research, assessment and analysis of Digital Fraud Attacks leveraging various Security Event Monitoring platforms including Web Threat Detection, Real Time Fraud Risk Assessment, Big Data and Digital Application Monitoring tools (ArcSight, Splunk, SAS, Teradata, and enterprise real time fraud detection tools.). Previous experience in cyber security operations or incident response is required.

Responsibilities

• Assist Security Incident Response Teams with incident investigations and aid in technical risk assessments
• Coordinate with system development and infrastructure units to identify Information Security (IS) risks and the appropriate controls for development, day-to-day operation, and emerging technologies
• Perform regular assessments based on changes in the threat landscape
• Monitor vulnerability assessments and ethical hacks, ensuring that issues are addressed for the applications that they support
• Provide information security support with related activities during systems development (e.g. authentication, encryption)
• Identify and develop new and improved technical procedures and process control manuals
• Identify significant IS threats and vulnerabilities
• Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets
• Follow Pre-defined actions to handle BAU and High severity issues including escalating to other support groups
• Execute daily ad-hoc tasks or lead small projects as needed
• Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics
• Perform assessment as well as troubleshooting to help isolate technical issues with the integration of fraud monitoring technologies
• Participate in daily and ad-hoc conference calls to manage quality assurance and documentation related tasks
• Identify areas for tuning use cases to enhance monitoring value
• Engage with Fraud Policy, Operations, Strategy and other teams for early detection, prevention and mitigation of detected fraudulent activities

Requirements

• 5-8 years of relevant experience
• Bachelor’s degree/University degree or equivalent experience
• Proven influencing and relationship management skills
• Proven analytical skills
• Strong knowledge of current Cyber Fraud trends including common Account Takeover techniques and banking malware
• Deep understanding of Intrusion Detection analysis (TCP/IP, packet level analysis) as well as Application Layer Protocols (HTTP)
• Advanced understanding of various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
• Knowledge of cutting-edge threats and technologies affecting Web Applications
• Experience with Big Data Technologies, ETL Tools, Data Warehouse and Business Intelligence technologies is preferred
• Experience with any scripting language (Python, Perl, VBScript) is a plus
• Experience with vulnerability assessment as well as penetration testing or forensic analysis fields is a plus
• Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]

Nice-to-haves

• Intimate knowledge of how Content Delivering Networks (CDN) work
• Experience in designing, managing, supporting Web Application Firewalls (WAFs) specifically Akamai

Benefits

• medical, dental & vision coverage
• 401(k)
• life, accident, and disability insurance
• wellness programs
• paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays