SIRT Incident Specialist
Citi's SIRT Incident Management Team is a global team that manages all information security incidents for Citigroup and its affiliates with team members around the globe. As a SIRT Incident Handler, you will report into the SIRT Incident Management Team and work closely with other internal teams to provide oversight of emergency response to information security incidents to quickly identify, respond, and mitigate the risk from Information Security incidents that impact the firm. Key Responsibilities:
•Review and analyse IS Incidents to identify those that pose a significant risk to the Citigroup franchise and its affiliates, and escalating those IS Incidents in accordance with Citigroup policy and procedures.
•Review the details of all reported incidents to determine whether they constitute an IS Incident.
•Review and verifying the accuracy of the reported severity level of an incident.
•Provide technical subject matter expertise to mitigating risk to impacted parties throughout an incident.
•Work with internal and external constituents to minimize risks associated with IS Incidents, including convening appropriate Subject Matter Experts to assist investigations and ensuring that all relevant facts of the IS Incident are properly communicated and reflected in the SIM Application.
•Track follow-up documentation related to an IS Incident, including Root Cause Analyses (RCAs), Lessons Learned and SIRT Remediation Plans throughout the incident lifecycle till closure.
•Ensuring that SIRT metrics are available to senior management at the business and corporate level.
•Oversee the quality, availability, and integrity of the data in the Security Incident Management Application (SIM Application)
#LI-SG Qualifications and Competencies
• Bachelors degree or equivalent work experience.
• Working in an Incident Response role with experience in examining suspicious/malicious network events, analyzing malicious code/exploits, and system/network forensics.
• Extensive years working in IT/IT security, preferably a 24x7 operational environment, or educational equivalent.
• Experience in security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.
• Understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network protocols.
• Experience with Reverse Engineering malicious code and Web/Network Penetration Testing is a plus.
• Experience with Databases, SQL knowledge is a plus.
• Experience administering and troubleshooting operating systems; including Solaris, Linux, and Microsoft Windows Server is a plus.
• Certified Information Systems Security Professional (CISSP) certified/qualified or ability to actively work towards obtaining certification or equivalent industry leading security certification
• Certified GIAC Certified Incident Handler (GCIH) or demonstrated skills and ability to obtain certification.
• Excellent communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with stakeholders and management.
• Previous experience working within a Global Team a plus.
• Experience of mentoring junior team members desired.
• Ability to communicate technical issues to technical and non-technical business representatives.
• Ability to understand strategic objectives and vision, and work towards those goals.
• Dedicated and self-driven desire to research current Cyber security landscape APTs and Nation State Actors
Exceptional candidates who do not meet these criteria may be considered for the role provided they have the necessary skills and experience.
Grade :All Job Level - All Job FunctionsAll Job Level - All Job Functions - SG ------------------------------------------------------
Time Type :Full time ------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity CLICK HERE .
To view the "EEO is the Law" poster CLICK HERE . To view the EEO is the Law Supplement CLICK HERE .
To view the EEO Policy Statement CLICK HERE .
To view the Pay Transparency Posting CLICK HERE .