Security Operations Center, SOC Cyber Fraud Analyst, Level 1-19009338
Who are we?
- Citi Technology Infrastructure (CTI) provides the products and services that enable Citi's workforce, along with the majority of the financial solutions that Citi's customers rely on. We provide the critical technical foundation for Citi's operations through the infrastructure that runs business and general user computing services. We do this by working as one-team to deliver high quality, reliable and modern infrastructure technologies at the right cost. We drive to optimize the functionality and capability of the infrastructure technologies.
- The Security Operations Center Cyber Fraud Analyst will be part of the SOC Team. The team monitors, analyzes and responds to cyber fraud threats on a 24x7 basis.
- The analyst performs monitoring, research, assessment and analysis of Digital Fraud Attacks leveraging various Security Event Monitoring platforms including Web Threat Detection, Real Time Fraud Risk Assessment, Big Data and Digital Application Monitoring tools (ArcSight, Splunk, SAS, Teradata, and enterprise real time fraud detection tools.). Previous experience in cyber security operations or incident response is required.
- Follow pre-defined actions to handle BAU and High severity issues including escalating to other support groups.
- Execute daily ad hoc tasks or lead small projects as needed.
- Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics.
- Perform assessment as well as troubleshooting to help isolate technical issues with the integration of fraud monitoring technologies
- Participate in daily and ad hoc conference calls to manage quality assurance and documentation related tasks.
- Identify areas for tuning use cases to enhance monitoring value.
- Engage with Fraud Policy, Operations, Strategy and other teams for early detection, prevention and mitigation of detected fraudulent activities.
- 4+ years working in the security & operations fields.
- Bachelor's Degree or higher preferred.
- Ability to communicate effectively both orally and in writing.
- Strong knowledge of current Cyber Fraud trends including common Account Takeover techniques and banking malware.
- Deep understanding of Intrusion Detection analysis (TCP/IP, packet level analysis) as well as Application Layer Protocols (HTTP). Advanced understanding of various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).
- Knowledge of cutting-edge threats and technologies affecting Web Applications.
- Experience with Big Data Technologies, ETL Tools, Data Warehouse and Business Intelligence technologies is preferred.
- Experience with any scripting language (Python, Perl, VBScript) is a plus.
- Experience with vulnerability assessment as well as penetration testing or forensic analysis fields is a plus
- Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA].
- We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.