Security Incident Tier 3 Team Leader (SVP)
New York, NY
Citi's SIRT Incident Management Team is a global team that manages all information security incidents for Citigroup and its affiliates, with team members located globally. As a Team Leader of the Security Incident Management (SIM) Team, you will participate in overseeing the Tier 3 Team's technical review of all SIRTs submitted globally, providing oversight of emergency response to security incidents to quickly identify, respond to, and mitigate the risk from security incidents that could impact Citi.
In order to achieve the above results, this position will be responsible for the below functions:
The Tier 3 Team Leader will have oversight of the Tier 3 Team's technical review of all SIRTs submitted globally.
Ensuring the team reviews and analyzes all Security Incidents to identify those that pose a significant risk to the Citi franchise and its affiliates, and escalating those Security Incidents in accordance with Citi policy and procedures.
Ensuring the team reviews and verifies the initial accuracy of the reported severity level of Security Incidents.
Ensuring the team works with internal and external constituents to minimize risks associated with Security Incidents, including convening appropriate Subject Matter Experts to assist investigations and ensuring that all relevant facts related to the IS Incident are properly communicated.
Ensuring the team assists with tracking and follow-up documentation related to an IS Incident, including Root Cause Analyses (RCAs), Lessons Learned and SIRT Remediation Plans throughout the incident lifecycle until closure.
Bachelor's degree or equivalent work experience.
6+ years working in a Security Incident Response role with experience in examining suspicious/malicious network events, analyzing malicious code/exploits, and system/network forensics.
Extensive years working in IT/IT security, preferably a 24x7 operational environment, or educational equivalent.
Experience within security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.
Understanding of Networking Protocols and Infrastructure designs; including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network service and protocol considerations.
Experience with Reverse Engineering malicious code and Web/Network Penetration Testing is a plus.
Experience of OSINT gathering and knowledge of various technical and operational level Cyber programs such as CIC, VA, SOC and Insider Threat.
Experience and / or knowledge of scripting or programming is a plus.
Experience administering and troubleshooting operating systems, including Solaris, Linux, and Microsoft Windows Server is a plus.
Knowledge of Critical Security Controls and how they relate to common frameworks and standards.
Experience of working with IS Audits along with a clear understanding of Cyber Risk as it pertains to the modern threat environment is considered a plus.
Excellent analytical ability, strong judgment and leadership skills, and the ability to work effectively with clients, IT management and staff.
Ability to communicate technical issues to both technical and non-technical business representatives.
Ability to understand strategic objectives and vision, and work towards those goals.
Dedicated and self-driven desire to research the current Cyber Security Threat landscape.
Non-technical skills required:
Strong customer and quality-focus is a must.
Sound problem resolution, judgment, and decision-making skills required.
Excellent organizational, interpersonal, and project management skills.
Excellent communication skills, both written and oral.
Self-starter with the ability to work in a team environment.
Hard working and self-motivated.
Able to work effectively under pressure.
Exceptional candidates who do not meet these criteria may be considered for the role provided they have the necessary skills and experience.
Grade: All Job Level - All Job Functions - US
Time Type: Full time
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity CLICK HERE.