Cyber Fusion Center Program Manager

Citigroup Inc. New York, NY 10007

Posted 2 months ago

Opportunity

Citi's Global Cyber Investigations Team seeks a highly skilled program manager to support critical efforts aimed at protecting Citi infrastructure, assets, clients and stakeholders. This is a demanding role with global exposure and responsibility. You will serve both as a subject matter expert and as an ambassador for the global investigations team. You will be assigned to Citi's Cyber Security Fusion Center, and will collaborate closely with a talented cadre of security specialists and cyber investigators as they react aggressively to urgent security events. Your observations and recommendations will impact security decisions across the organization, and play an important part in maturing the fusion center's team-of-teams operation.

Responsibilities

As a Program Manager for the Cyber Fusion Investigations Team, your primary responsibility is to provide global governance for all regional fusion center investigators as they triage and examine critical security events. Related activities include but are not limited to:

  • Define, document and champion best practices for cyber investigative standards and procedures

  • Define and deliver global program support

  • Evolve the tech stack with focus on standardization and automation

  • Improve methods for defining, monitoring and reporting key performance indicators

  • Improve knowledge management and reporting

  • Influence decision makers across the organization to address inadequate security controls and to mitigate risks

  • Provide guidance and leadership to a cohort of regional fusion center investigators

  • Generate and present material for a broad audience, including technical, executive and regulatory groups

Qualifications

You should be all of the following:

1. A competent manager and goal oriented contributor. Success will depend on your ability to:

  • Practice service based leadership

  • Lead and motivate a team of individual contributors

  • Stay current with the evolving landscape of threat activities and cybersecurity best practices

  • Work independently with minimal oversight

  • Adapt to changing requirements in a fast paced environment

  • Multitask and meet deadlines despite competing priorities

  • Navigate operational impediments in order to complete time sensitive tasks

  • Identify and document any opportunities for process improvement

2. A reliable team player. Success will depend on your ability to:

  • Practice mutual respect at all times

  • Establish trust and build strong partnerships

  • Resolve conflict in a constructive manner and use as an opportunity to develop team unity

  • Prioritize collective success ahead of individual ambition

3. A great communicator. Success will depend on your ability to:

  • Establish clear narratives to describe observations, ideas and recommendations

  • Motivate colleagues and partners to cooperate and support as needed

  • Exert influence, both verbally and in writing, through all levels of the organization

Minimum Requirements

  • Education and Experience

  • Bachelor's degree in Computer Science, Computer Engineering, Information Security, Digital Forensics Sciences, or other IT related field

  • 10+ years of professional experience in cybersecurity and/or information security, or demonstrated equivalent capability

  • 5+ years managing a professional staff, cyber program or resources

  • Previous experience governing global programs

  • Previous experience in policy development, implementation, and training

  • Previous experience in establishing new procedure(s)

  • Previous experience with cyber investigations and/or incident response

  • Previous experience working in highly regulated environments

  • Previous experience in building and leading teams

  • Previous experience in digital forensic analysis

  • Knowledge and Skills

  • Working knowledge of how computer applications, systems, and networks are managed and secured

  • Working knowledge of common security threats and vulnerabilities, attack vectors, and adversary tactics, techniques and procedures (TTP's)

  • Working knowledge of cyber forensic and eDiscovery procedures to collect, handle, examine, and analyze evidentiary artifacts while preserving integrity and maintaining a strict chain of custody

  • Working knowledge of any DFIR toolset (e.g. EnCase, FTK, Sleuth Kit)

  • Working knowledge of some of the following tools: Splunk, Tanium, Nuix, Relativity, Metasploit, Plaso, Powergrep, Security Onion, SIFT Workstation, Volatility, Wireshark, Yara

  • Other

  • Must have flexibility to work outside of normal business hours when necessary

Preferred Requirements

  • Education and Experience

  • Graduate degree in Computer Science, Computer Engineering, Information Security, Digital Forensics Sciences, or other IT related field

  • Previous experience in a fusion center and/or exposure to large scale incident response

  • Prior success leading forensic investigations and/or managing individual contributors

  • Prior experience with information technology and/or information security in the financial services industry

  • Prior experience with cloud environments (e.g. AWS, GCP, Azure) and DevOps technologies (e.g. Docker, Kubernetes, Jenkins, Git)

  • Knowledge and Skills

  • Any professional certifications issued by GIAC, AWS, etc.

  • Working knowledge of common security models (Defense-in-Depth), standards (NIST 800-53, CIS 20 Controls) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)

  • Working knowledge of OSI model

  • Working knowledge of security and/or incident response in cloud environments

  • Working knowledge of software development best practices, including agile methods

  • Familiar with Atlassian tools

