As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and, in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do. We keep the bank safe and provide the technical tools our workers need to be successful. We design our digital architecture and ensure our platforms provide a first-class customer experience. Our operations teams manage risk, resources, and program management. We focus on enterprise resiliency and business continuity. We develop, coordinate, and execute strategic operational plans. Essentially, Enterprise Operations & Technology re-engineers client and partner processes to deliver excellence through secure, reliable, and controlled services.
Trust is part of our DNA at Citi. As such, we take safeguarding our customer data very seriously. The Chief Information Security Office (CISO) is made up of deeply dedicated and talented colleagues who work together to ensure the safety of Citi’s and our clients’ assets and information. We manage information security as an end-to-end program – one with a clear mandate and accountability. Our mission is to continually execute and enhance a global security program that is fully anchored to modern control and security frameworks, fully aligned with the technology of the firm, threat-focused and data-driven, and deeply integrated across all Citi businesses globally.
Being talent-driven, we are focused on attracting, developing, and retaining diverse and inclusive talent with a high technical skill level. As a member of our team, we will provide you with career development opportunities at all stages of your career. Our employees model a passion for protecting Citi and our clients and believe in treating others with dignity and respect.
Citi's Security Incident Record (SIRT) Incident Management Team is a global team that manages all information security incidents for Citigroup and its affiliates with team members located globally. As a member of the Security Incident Management (SIM) Team, you will participate in overseeing the SIRT documentation process, providing oversight of incident response to information security incidents. This will enable your colleagues to quickly identify, respond, and mitigate the risk from Information Security incidents that impact the firm.
Citi's SIRT Incident Management (SIM) Team Metrics and Reporting (M&R) Team seeks a highly skilled information security professional with information security, project management and data analytics skills for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. This is a demanding role with global exposure and responsibility.
Responsibilities:
As a Metrics & Reporting (M&R) Analyst on the SIM Team, your primary responsibility is to provide global support for SIM’s efforts to collect, track, monitor, and report on trends in our security environment, ensuring we paint an accurate picture of Citi’s security posture, the effectiveness of our risk and control environment, and our progress in making the bank safer. M&R analysts empower a wide range of stakeholders from security professionals, to operational decision makers, to strategically focused executives, to federal regulators, helping them understand the reality of bank security and arming them with the data and analysis they need to make informed and effective decisions. You will serve as a data collector and analyst, technical troubleshooter, process automation expert, and data-visualization professional. In telling the story of Citi’s security posture, you will also have opportunities for direct stakeholder engagement, governance and process development, documentation production and product professionalization. Your actions will impact security decisions across the organization and play an important part in maturing the incident response program.
Related activities include but are not limited to:
* Collect and interpret metrics based on data in the SIRT record
* Develop, troubleshoot, and enhance reports based on security metrics in response to stakeholder requests
* Develop and promote automation of metrics and reporting process
* Improve product standardization and data visualization efforts
* Consult with leadership to improve program governance
* Engage with stakeholders to collect and document requirements, manage expectations, and build rapport
* Strengthen Information Security compliance by seeking opportunities to enhance the efficiency of SIRT standards and processes and procedures and supporting ongoing audits.
* Pursue information centralization to support subsequent the SIM Team's standardization and automation efforts.
* Demonstrate strong understanding of the SIRT process. Provide SIRT oversight and increasing processing efficiency with well-documented regionally consistent and repeatable SIRT processes, targeted metrics, updated training materials and SIRT Deep Dive and Peer Review discussions.
* Operationalize strategic security programs by making them efficient, scalable, and reliable. Identify program risks and drive the implementation of recommended mitigations.
* Ensure Incident Response Plan documentation is current, manage internal reviews and approvals by governance.
* Manage project deadlines, deliverables, progression and project planning for SIM Team efforts and projects that require collaboration between multiple teams. Lead team through projects by defining scope/success criteria, setting expectations, establish timelines, implementing solutions and measuring success and lessons learned.
* Drive internal productivity, standardization, and process re-engineering, identify opportunities to simplify both operational and strategic environment and reduce risk.
* Utilize existing approved communication tools to facilitate real-time communication and knowledge management within SIM and manage SIM Team Knowledge Base Wikis.
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Qualifications:
A skilled and creative Team player. Success will depend on your ability to:
* Strong organization and project management skills
* Stay current with the evolving landscape of relevant applications, tools, and information best practices
* Write clean, efficient, well documented processes, documentation, or queries
* Be independent, results oriented, and thorough in examination and analysis.
A goal oriented individual contributor. Success will depend on your ability to:
* Stay motivated and work independently with minimal oversight
* Adapt to changing requirements in a fast-paced environment
* Multitask and meet deadlines despite competing priorities
* Navigate operational impediments to complete time sensitive tasks
* Identify and document any opportunities for process improvement
A reliable team player. Success will depend on your ability to:
* Practice mutual respect always
* Establish trust and build strong partnerships
* Resolve conflict in a constructive manner and use as an opportunity to develop team unity
* Prioritize collective success ahead of individual ambition
A great communicator. Success will depend on your ability to:
* Establish clear narratives to describe any observations and recommendations
* Clearly and concisely articulate goals and expectations to your teammates
* Motivate colleagues and partners to cooperate and support as needed
* Exert influence both verbally and in writing
Requirements:
Education:
* Bachelor’s degree/University degree or equivalent experience
* Master’s degree preferred.
Knowledge and Skills:
* Significant years of relevant experience
* Additional technical certifications are preferred
* Demonstrated ability to research and apply current information regarding the IS field
* Proven analytical skills
* Sound problem resolution, judgment, and decision-making skills required.
* Able to work effectively under pressure.
* Working knowledge of relational database systems and concepts (SQL Server)
* Proficient in an object-oriented programming language (e.g., Visual Basic)
* Proficient in query language (e.g. SQL). Advanced knowledge of Microsoft Excel functions/formulas, pivot tables, dashboards
* Visual Reporting Studio, SSIS, SSRS, VBScripts and other analytic tools
* Knowledge of Alteryx, Tableau, Python, and ServiceNow administration a plus.
* Working knowledge of agile knowledge management tools (e.g., Jira, Confluence)
* Basic knowledge of common security threats and vulnerabilities, attack vectors, and adversary tactics, techniques, and procedures (TTP's)
* Certified Information Systems Security Professional (CISSP) certified/qualified or ability to actively work towards obtaining certification a plus.
* Any professional certifications issued by SANS, GIAC, AWS, etc a plus.
* Working knowledge of security and/or incident response a plus
* Working knowledge of common security models (Defense-in-Depth), standards (NIST 800-53, CIS 20 Controls) and frameworks (MITRE Attack, Cyber Kill Chain, STIX) a plus.
About Citi:
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
#J-18808-Ljbffr