About Citi:

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

The Role:

The Citi Cyber Intelligence Center (CIC) is part of the Chief Information Security Office (CISO) and is responsible for analyzing cyber threat information designed to increase Citi's cyber threat awareness and protection levels by providing awareness, indications, warnings, and operational readiness. The CIC protects the Citi brand, global business operations, technology infrastructure, and client trust against cyber threats worldwide. In support to this mission, the CIC Analysis Team is responsible for providing various cyber threat alerts, reports, briefings, and other products and services for Citi stakeholders.

The Team:

The CIC Technology Team focuses on all phases of the Threat Intelligence landscape both operationally and technically. This includes initial triage of paid and open source intelligence sources, enrichment of reporting to further add value to the intelligence communicated to our customers and establishing technical rules (e.g., YARA) as a means to identify new and emerging threats. The team is focused on three main areas of intelligence: SOC (mainly IOC driven and technical understanding of actors, TTPs and malware), Third Party Compromise (mainly client and supplier driven with the potential impact to Citi from these compromises) and Vulnerability Assessments (discovery of new/emerging vulnerabilities and the tracking of reported vulnerabilities for Proof-of-Concepts and in-the-wild exploitation).

Responsibilities

• Actively monitor and research cyber threats with a direct or indirect impact to Citi and examine associated tools, techniques, and procedures (TTP) to reconstruct attacker workflows

• Produce high quality, timely, and actionable alerts that drive decision making across the firm

• Analyze Indicators of Compromise (IOCs) and conduct pivots via paid and open-source tooling

• Map threats to the MITRE ATT&CK framework and communicate effective mitigation procedures where appropriate

• Expand research and information scope using common enrichment platforms including creating YARA rules for indicator pivoting and hunting

• Produce actionable cyber threat intelligence products using a variety of internal and external sources that describe trends and shifts in the cyber threat landscape

• Evaluates tools, services, and processes to enhance the team’s threat analysis capability

• Support Cyber Intelligence Center (CIC) requests, investigations, and collaboration with global Citi CIC, Citi Fusion Center, SOC, and VA staff members in a Follow-the-Sun model

• Regularly provide intelligence briefs to technical, non-technical, and executive-level stakeholders

Qualifications

• 5+ years' experience working in Cyber Threat Intelligence is required

• Hands-on experience with and advanced knowledge of the Threat Intelligence Lifecycle, the MITRE ATT&CK framework, and Cyber Threat Actor capabilities, motivations, and tool sets to assess risk

• Ability to discern patterns of threat actor behavior at the technical level

• 3+ years' experience performing technical analysis including but not limited to threat hunting, malware analysis, forensics, or incident response is highly preferred

• Strong technical proficiency in the use of tools, techniques, and countermeasures

• Experience analyzing information derived from threat intelligence vendors and platforms

• Must have strong written and verbal communication

• Ability to work independently with little oversight in a large, fast-paced and operationally focused environment

• Prior experience in the financial industry is a plus

• Basic knowledge of financial payment systems (e.g., SWIFT) is a plus

Education

• Bachelor’s/University degree or equivalent experience preferably in one of the following areas: Cybersecurity, Information Security, Information Technology, Computer Science, etc.

• Any of these Certifications are highly preferred: CISSP, GIAC’s GREM, GCFA, and/or GCTI

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Job Family Group:

Technology

Job Family:

Information Security

Time Type:

Full time

Primary Location:

New York New York United States

Primary Location Full Time Salary Range:

$142,320.00 - $213,480.00

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

Anticipated Posting Close Date:

Sep 11, 2024

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .

View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo_aa_policy.pdf) .

View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

Citi is an equal opportunity and affirmative action employer.

Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.