Cyber Security Fusion Center Incident Lead Analyst
The Cyber Security Fusion Center (CSFC) Incident Lead Analyst is responsible for driving firm-wide effort to prepare, respond and recover from potential cyber threats and attacks. This role ensures the firm is globally prepared to respond to cyber incidents (resulting from a cyber or technology nexus). This is accomplished through proactive monitoring of emerging incidents, development and execution of cyber incident exercises, and review and maintenance of procedures and runbooks necessary to ensure an orderly response and recovery from cyber events. The CSFC Incident Analyst operates a virtual war room and incident management function during events to ensure coordination, mitigation, and recovery from events in a timely manner. This role also provides a single source of consolidated information, and subsequent incident communication/notifications.
We are looking for proactive and curious individuals to join our team to run exercises and activities to put our most senior leaders to tests with the mission to keep Citi and Citi’s customers safe.
Responsibilities:
- Executes under crisis conditions regardless of the seniority of the audience, with a sense of urgency and mission
- Monitor information sources, including, but not limited to – SIRTS, intelligence updates, major incident channels (ServiceNow), and external news sources – to triage and assess events that may impact Citi, our clients or 3rd parties.
- Facilitate the coordination, communication and escalation response of major cyber incidents impacting our businesses, 3rd parties, vendors and clients
- Serve as a liaison between the CISO, Business and 3rd Party oversight teams, promoting rapid escalation of cyber events and translating cyber technical details into laymen’s terms
- Leads design, planning, coordination and execution of global cyber incident exercises
- Engages country leadership, global business leaders and internal functional teams to assess requirements and identify opportunities to incorporate innovation and improve exercise scope
- Analyzes and presents team outcomes to senior leadership, regulatory bodies and internal business stakeholders
- Supports external exercising activities and client exercise/simulation engagement
Qualifications:
- 6-10 years of relevant experience. Senior stakeholder engagement experience desired
- Incident/Crisis management experience including: Ownership, Assessment and initial support, Escalation/Notification, Business Impact Analysis, Resolution Tracking, Senior escalations
- Experience in exercise design, planning and execution.
- Excellent written and verbal communication skills required to influence and negotiate with senior leaders across functions (including experience in communications with external parties)
- Understanding of Project Management Standards and Stakeholder Management
- Desired professional qualifications: ISC2 Certified in Cybersecurity, Comptia Security+
Education:
- Bachelor’s degree/University degree or equivalent experience
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
-------------------------------------------------
Job Family Group:
Technology-------------------------------------------------
Job Family:
Information Security------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting