Advanced Cyber Defense Analyst

The Advanced Cyber Defense (ACD) team is a group inside the Citi Security Operations Center (SOC). The ACD is a full-time threat hunt team that focuses on advanced threat analysis, custom threat detection techniques, process improvement, and evaluation of new security tools and technology. ACD team members are subject matter experts in multiple cybersecurity disciplines including threat hunting, content creation, network and end-point log analysis, malware analysis, and command line and scripting in Windows/Linux/Unix. Duties include the development of new SOC processes and procedures to enhance operations, research in emerging cyber security threats, participation and contribution as a Subject Matter Expert (SME) in major security events, and providing guidance to SOC Tier 1 and Tier 2 analysts. Principal Responsibilities: Proactively hunt for potential malicious activities in the bank’s environment Research and identify emerging cyber security threats Enhance current deployment of commercial tools used by the Security Operations Center Participate in major security events as a subject matter expert Develop new tools, processes, and procedures to enhance SOC monitoring and analysis capabilities Evaluate new technologies against SOC requirements in proof of concepts Provide guidance to SOC Tier 1 and Tier 2 analysts Requirements: Security Operations Center / Threat Hunt / Incident Response experience 8+ years working in the security & operations fields Bachelor's Degree or higher preferred Strong fundamental knowledge of network (TCP/IP) and operating systems (Windows/Linux) Hands-on experience with cyber security solutions; SIEM, AV, NIDS, EDR, etc. Ability to investigate network traffic, read and interpret logs and packet captures Ability to investigate email threats; Email sample analysis, handling phishing campaigns, etc. Experience in web/shell programming and debugging codes Experience in cloud computing and security controls Familiarity with malware and memory analysis techniques Critical thinking and analytical skills Good written and oral communication skills Team player with the ability to work independently Experience in malware analysis and/or reverse engineering is a plus Job Family Group: Technology Job Family: Information Security Time Type: Full time #J-18808-Ljbffr