- Permanent, Full time
- Citibank NA
(WiT18) Cyber Security Analyst
(WiT18) Cyber Security Analyst
- Primary Location: Singapore,Singapore,Singapore
- Education: Bachelor's Degree
- Job Function: Technology
- Schedule: Full-time
- Shift: Day Job
- Employee Status: Regular
- Travel Time: No
- Job ID: 18069494
As cybercriminals grow more sophisticated and news of major breaches reach headlines nearly daily, cybersecurity professionals are in high demand.
Continued advances in technology ensure that the clients and communities we support are now more connected than ever before. But with these new advances come more sophisticated cyber criminals and attacks against the public and private sector.
Citi's Cyber Security rises to the challenge of our threat landscape by implementing effective situational awareness and improved communication, coordination and collaboration across our global footprint supported by forensic and knowledge management tools that capitalize on our understanding of the current threat landscape.
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.
A Team of Teams - Citi Cyber Security team is comprised of 11 teams that work collaboratively on a daily basis: the Cyber Intelligence Center (CIC), Security Operations Center (SOC), Cyber Security & Investigative Services (CSIS), Global Intelligence Analysis (GIA), Vulnerability Assessment (VA), Security Incident Management (SIM), Advanced Adversary Interdiction (ADV2), Fraud, Third Party Information Security Assessment Process (TPISA), Office of Emergency Management (OEM), and Core Team. The combined analytic effort from these teams provides senior leaders with a more accurate picture of the cyber threat landscape
Cybersecurity jobs span a number of different roles with a variety of job functions.
- In-demand roles include penetration testers, who go into a system or network, find vulnerabilities, and either report them to the organization or patch them themselves
- Computer forensics experts conduct security incident investigations, accessing and analyzing evidence from computers, networks, and data storage devices. Security consultants act as advisors, designing and implementing the strongest possible security solutions based on the needs and threats facing an individual company.
- Responsible to monitors, analyses and responds to infrastructure threats and vulnerabilities on a 24x7 basis
- Focuses on advanced threat analysis, custom threat detection techniques, SOC process improvement, and assisting in new security tools and technology evaluation
- Tests various platforms, performs threat modeling, source code review, and application/infrastructure penetration testing in general
- Provides deep-dive application vulnerability assessment services to Citi businesses globally through a comprehensive testing process, as well as identifying weaknesses and vulnerabilities within the system and proposing/implementing countermeasures
- Supports plan, build and operate functions of various cyber security tools. Performs daily administration, management, configuration, testing, and integration tasks including capacity planning, change management, version/patch management, and lifecycle upgrade management
- Service Development to understand the capabilities and functionalities of different services
- Ensure proper documentation, escalation, tracking, and follow up of all provisioning related issues
- Define/ Enhance service performance goals and metrics, and drive capacity management for required asset
The skills required to work in Citi's Cyber Security team vary depending position.
Some of the key certifications good to have:
- GPEN - GIAC Certified Penetration Tester
- GXPN - GIAC Exploit Researcher and Advanced Penetration Tester
- OSCP - Offensive Security Certified Professional
- CEH - Certified Ethical Hacker
- GWAPT - GIAC Web application Penetration Tester
- GMOB - GIAC Mobile Device Security Analyst
- CICP - Core Impact Certified Professional
- GSSP- Java - GIAC Secure software Programmer Java
- GCIH - GIAC Certified Incident Handler
- GREM - GIAC Reverse Engineering Malware
- CHFI - Computer Hacking Forensic Investigator-
- ArcSight Certified Security Analyst
- ArcSight Certified Content Developer
- Splunk for Analytics and Data Science
- Check Point Certified Security Administrator (CCSA)
- Check Point Certified Security Expert (CCSE)
- Juniper Networks Certified Associate Junos (JNCIA-Junos)
- Juniper Networks Certified Specialist Security (JNCIS-SEC)
- Juniper Networks Certified Expert Security (JNCIE-SEC)
- Palo Alto Networks Certified Network Security Engineer (PCNSE)
- Blue Coat Certified Proxy Administrator (BCCPA)
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Splunk Fundamentals 1/2
- Symantec Data Loss Prevention Administration
- McAfee Product Specialist-ePO
- Red Hat Certified System Administrator (RHCSA)