Overview of the Role:

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

The cyber defense analyst for Services within the Business, Functions and Technology (BFT) is responsible for maintaining a secure technology ecosystem free from high-risk vulnerabilities and rapidly respond to the changing threat landscape and business demand to mitigate cyber risk for the Services business.

Key responsibilities:

• Vulnerability Operations
  • Ensure business and technology remain within risk tolerance for all applicable Cybersecurity risk appetites and sustain it with the consistent operating model.
  • Enhance current vulnerability management (VTM) operating model in line with BFT Risk Governance organization with Path-to-appetite and reporting.
  • Timely escalate to CISO Leadership and Businesses and ensure VTM risk treatment responses are entered in a timely fashion
  • Support Vulnerability Organization to improve the quality and integrity of VTM/GEM reports
  • Continue supporting vulnerability management Uplift Program activities and reduce risk while reducing stakeholders’ pain-points (data/reporting, false positives, processes).
  • Perform root cause analysis of VA Issues and identification of repeated offenders for high risk vulnerabilities

• Security Assessments
  • Conduct security reviews to check for security compliance to Bank’s requirements
• Security Incident Response
• Identify areas of repeating SIRT incidents, related trending and work with technology team and ISO contacts in reducing repeat volume instances.
• Identify opportunities for improving SIRT workflow efficiencies and developing reporting which better reports on root causes for bringing down repeat instance volumes
• Work with SIM and  ISO community to facilitate the adherence of SIRT reporting timelines as per defined within SIRT standard, as well as identify deviations and its cause
• Define and document escalation and response procedures between IR CFSC and Cyber Defense.
• Document/update a Cyber Response plan or guideline to complement Business or Country Crisis Management Plans and support Crisis Management Team training. 

Requirements:

• 5+ years of relevant experience
•  Possesses deep and broad technical expertise across multiple security domains and security controls (e.g., threat intelligence, forensics, vulnerability management, security architecture, application security). Proficient in advanced analytical techniques.

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.