Advanced Cyber Defense Analyst

Engineer the future of global finance. At Citi, our Tech team doesn't just support finance – we are helping to redefine it. Every day, $5 trillion crosses through our network. We do business in 180+ countries operating at a scale few can match. From deploying advanced AI to helping shape global markets, we build systems that matter. Look to join a team where your work helps influence economies, your ideas can drive innovation and outcomes, and your growth is backed by mentorship, continuous learning and flexibility with potential hybrid work opportunities. Help solve real-world challenges that touch millions and get the opportunity to build the future of finance with Citi Tech.

The Advanced Cyber Defense (ACD) team is a group within Citi's Security Operations Center (SOC).  ACD is a full-time Threat Hunt team focusing on advanced threat analysis, custom threat detection techniques, process improvement and evaluation of new security tools and technology.  ACD team members are subject matter experts in multiple cyber security disciplines including threat hunting, content creation, network and end-point log analysis, malware analysis, using Windows/Linux/Unix command line and script development.  ACD team member duties include but not limited to development of new SOC processes and procedures to enhance operations, performing research of emerging cyber security threats, participation and contribution as a Subject Matter Expert (SME) in major security events and providing guidance to SOC Tier 1 and SOC Tier 2 analysts. Qualified candidates should have strong analytical skills, a proven network security background with knowledge of associated tools, and the ability to conduct analysis of samples of malicious files in a lab environment.

Principle Responsibilities:

• Projects:
  • Conduct research on new technology offerings and determine applicability in Citibank's SOC.
  • Evaluate and advise on the implementation and effectiveness of the cybersecurity safeguards to ensure that they provide the intended level of protection.
  • Development of new tools, processes, and procedures to enhance SOC monitoring and analysis capabilities
• Process Improvement:
  • Perform risk assessments and threat modelling to identify gaps in SOC monitoring capabilities and devise strategies to minimize the risk
  • Conduct online research of the latest cyber threats and ensure those can be detected by existing in-house technologies
• Automation:
  • Identify redundant tasks and automate them to increase efficiency of the SOC team
  • Utilize SOAR to develop playbooks for automating complex use cases

Requirements:

The candidate should ideally have relevant Cyber Security background, particuclarly in Security Operations Center, Threat Hunting or Incident Response related roles. Our potential new team member is soon expected to to be able to perform threat hunting duties and therefore should have some specific experience and skills, including:

• 1-5 years working in the security & operations fields
• Possessing fundamental knowledge of networks (TCP/IP) and operating systems (Windows/Linux)
• Hands-on experience with cyber security solutions; SIEM, AV, NIDS, EDR and/or big data solutions
• Ability to investigate network traffic, read and interpret logs and packet captures, investigate email threats
• Experience with advanced threat analysis, cyber security incident response, web/shell programming as well as being familiar with malware and memory analysis techniques are advantageous
• Bachelor's Degree or higher preferred

Desired Personal skills:

• Critical thinking and analytical skills
• Good written and oral communications skills
• Team player with the ability to work independently

What we can offer you:

By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:

• Cafeteria Program
• Home Office Allowance (for colleagues working in hybrid work models)
• Paid Parental Leave Program (maternity and paternity leave)
• Private Medical Care Program and onsite medical rooms at our offices
• Pension Plan Contribution to voluntary pension fund
• Group Life Insurance
• Employee Assistance Program
• Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
• Flexible work arrangements to support you in managing work - life balance
• Career progression opportunities across geographies and business lines
• Socially active employee communities with diverse networking opportunities

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day.  We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive. 

Sounds like Citi has everything you need?

Then apply to discover the true extent of your capabilities. 

#LI-AE1

Job Family Group:

Technology

Job Family:

Information Security

Time Type:

Full time

Most Relevant Skills

Please see the requirements listed above.

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi's EEO Policy Statement and the Know Your Rights poster.

---