This position is for an Operational Intelligence Analyst (Ops Analyst) member working for the CIC in APAC. Operational Intelligence Analysts place individual cyber events into an adversary context - with the goal of bringing other operational teams to the right problems with the right details to influence positive network security outcomes. Ops Analysts achieve this by:
Becoming subject matter experts (SMEs) on one or more assigned subjects, tracking them on a day-by-day basis, and escalating concerning developments as necessary.
Triaging tactical reporting to focus on serious threats
Producing near-term assessments that add important context and detail to serious threats
The Citi Cyber Intelligence Center (CIC) is part of the Global Information Security organization and is responsible for analyzing cyber threat information designed to increase Citi's cyber threat awareness and protection levels. By providing awareness, indications, warnings and operational readiness, the CIC protects the Citi brand, global business operations, technology infrastructure and client trust against cyber threats worldwide.
Ops Analysts are required to make sound decisions, to communicate them clearly and openly, and to produce quick-turnaround written analysis that is aware of the information limitations often seen at tempo, and sets out a strategy to pursue important missing details.
Individual analysts will be involved in both their SME subjects and ad-hoc taskings determined by developing events. Key
outputs may include:
Baseline Documentation on the analyst's SME subjects, including collections plans, issue overviews for peers and senior leaders, kill chain summaries when applicable, and acting as a knowledge repository on SME subjects.
Daily monitoring of SME subjects, including building upon the work of triaging analysts, maintaining a knowledge repository, bi-weekly updates on SME subjects, and ad-hoc situation reports - tasked by regional and operations leads.
Additionally, Ops Analysts are required to:
Maintain good general situational awareness of the cyber threat environment
Perform threat intelligence review and follow-up
Analyze cyber threat data and correlate with existing understanding of cyber threats impacting Citi
Actively monitor and research cyber threats with a direct or indirect impact to the Citi brand, business operations, infrastructure and client trust.
Triage tactical, technical reporting in real time to determine its accuracy and identify threats of potential interest and impact to Citi and its clients.
Complete written and verbal (daily) briefings - as needed
Deliver concise written assessments that add context and detail to threats, and enable other information security and cyber security teams to meaningfully respond to them
Regularly support, involve and liaise with all the CIC Threat Intelligence teams
Provide real-time and local intelligence support to other (non-CIC) operational teams in the Global Information Security environment
Represent the CIC and support other representation and awareness activities - as required
Coordinate and support the BAU processes and ad-hoc deliverables of the CIC ASPAC Analysis team - as needed
Cross train and be able to substitute/surge for other CIC Threat Intelligence teams as needed
Ability to improve written and verbal communication and presentations skills with all levels of staff, including senior management.
Ability to work within cross-functional and cross-business teams and gain overview of the CIC and Global Information Security functions.
Developing analytical, coordination and leadership skills.
Gaining understanding in various "cyber threat handling" and "crisis management" functions and processes.
Experience working in operational environments where multiple competing items must be prioritized and delivered.
Experience in roles requiring excellent standards of written and verbal communication.
Preferably 3+ years in an intelligence (defense / civilian / law enforcement) or information security related role.
People / project management experience in a constantly evolving environment - preferably at a multinational company.
Understanding of the following concepts: Cyber Kill Chain, Advanced Persistent Threat, Third Party Risks, Cybercrime, Hacktivism, Various Cyber Attack Types, Fraud, Malware and Ransomware, Mobile Threats, Social Engineering, Insider Threats, SOC function, Incident Management, Networks, Encryption, Defense in Depth, OSI.
Russian / Ukrainian / Chinese language skill desired, but not required.
Ability to actively track and prioritize issues and inquiries.
Possesses the ability to review information to determine its significance, validate its accuracy and assess its reliability.
University degree in one of the following areas: information security / information technology / (cyber) defense / military / intelligence
Any relevant certificate desired, but not required (CISM, SANS, CSX, etc.).
Must be a self-starter, self-motivated and able to work independently with little oversight.
Strong written and verbal communication and presentation skills.
Ability to work within cross-functional and cross-business teams.
Strong organizational skills.
Strong analytical skills.
Enjoys challenges and learning new, necessary information to better understand and identify threats.
Ability to communicate effectively with all levels of senior management and peer team members
Internal Number: 5854420
About Citibank NA
eFinancialCareers is a career site specializing in financial services.
BACK TO TOP
MORS Career Center is Just One of the Benefits.
Discover what else MORS has to offer!
The job you are trying to reach from was originally posted at MORS Career Center.