Primary Location: United States,New York,New York
Education: Bachelor's Degree
Job Function: Technology
Shift: Day Job
Employee Status: Regular
Travel Time: No
Job ID: 19008055
We are currently hiring a Third Party Cyber Risk Analyst, to be a liaison to Citi Fusion Center and The Citi Cyber Intelligence Team. The person will be responsible for monitoring, analyzing, documenting and responding to security events, and performing incident response.
Responsible for analyzing, documenting and responding to security events, and performing incident response.
Identify cyber security threats and perform analysis of reported anomalies. Clearly identify those threat vectors that are specifically threatening to Citi, and contribute to remediation.
Serve as subject matter expert in incident response and digital forensics.
Use all available tools and data sources to verify accuracy, consolidate/translate data into actionable intelligence, analyze and understand security posture, understand top threats, and provide intelligence reports to stakeholders.
Document findings, communicate the findings with the 3rd Party entities and follow up on remediation.
Monitor threat intelligence reports.
To manage escalation and investigation risk related to third party in coordination with Fusion Center and CIC
Act as liaison to the Citi Cyber Security Fusion Center for TPISA Operations and Third party Continuous Monitoring.
Provide update on the Fusion Center weekly briefing to include information regarding TPAQs and TPCM escalations.
o Updating the CSFC dashboard on a weekly basis.
o Sending the brief slides to counterparts in ASPAC.
Participate in the wall-walk about the TPCM/TPISA dashboard when clients visit the CSFC.
Annually submitting inputs for the CSFC Annual Report.
Responsible for improving relevant knowledge, skills, and abilities through research, training, and other professional development activities.
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.
Citi's Mission and Value Proposition explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients' and the public's trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.
Bachelor's Degree in IT or Computer Science (Master's preferred), or equivalent work experience
Strong Information Security (IS) and Third Party Information Risk background is a REQUIREMENT for this position.
Strong capability intelligence analysis in the area of Cyber Security, Computer Intrusion Analysis, Technology Transfer/Protection, Emerging Technologies, Systems and Vulnerabilities.
Familiarity with internet/networking technologies including protocols (TCP/IP, RIP, BGP, ARP, etc.), routers/switches, domain name system, regional internet registries, autonomous systems, etc.
Working knowledge of computer networks, firewalls, routers, and intrusion detection systems and types of log/security produced by these devices is highly desired
5+ years of experience researching threat actors and threat groups within the cybercrime ecosystem
5+ years of experience of Identify cyber security threats and perform analysis of reported anomalies. Clearly identify those threat vectors that are specifically threatening to Allison Transmission, and contribute to remediation. Advanced familiarity/proficiency in Computer Intrusion Analysis, Technology Transfer, Systems & Vulnerabilities and Information Operations.
5+ years of experience utilizing threat and vulnerabilities tools, methods and software (LookingGlass ScoutPrime, Risk Recon etc.)
Demonstrated ability to use computer tools and software in analyzing numerical and written material to develop logical conclusions and to produce technical assessments for use in finished
Excellent written, verbal communication skills and strong organizational skills.
Superior use of MS Productivity Software such as MS Access, MS Word, VISIO, PowerPoint, Excel, and Access.
Ability to work independently and with minor supervision, as well as in a team environment
Ethical, accountable, and customer focused.