We are seeking a highly skilled and experienced Senior SOC Analyst to join our Cyber Threat team in the Security Operations Center (SOC). The Global SOC operates in a 24x7, follow the sun model and is the firm's first line of defense against evolving cyber threats, ensuring the safety and integrity of our digital assets. This role requires an individual with deep understanding of SOC processes, incident response, reviewing content/use case and security automation. As a senior analyst, the role would require coaching junior analysts in SOC and provide critical support to the management in handling cyber security incidents.
Responsibilities:
Analyze security events to identify potential threats and intrusions. Events include but not limited to Intrusion Detection/Prevention tools, anomaly detection systems, Firewalls, Antivirus and EDR systems, proxy devices, cloud security solution and data leakage prevention system.
Act as a Level 2 escalation point for incident triage, investigation, and response.
Perform a holistic use cases review and tuning to enhance monitoring value and efficiency.
Develop and maintain advanced security monitoring content such as detection rules, correlation use cases, and security alerts.
Implement and optimize security automation to improve process efficiency and response times.
Lead incident response activities including root cause analysis, containment and remediation efforts.
Collaborate with security infrastructure teams to ensure effective integration of security technologies with operational processes.
Create and maintain comprehensive documentation for SOC procedures.
Participate in/support cyber drill, regulatory, audit requests.
Provide mentorship for junior analysts within the SOC team.
Stay updated with the latest cybersecurity trends, emerging threats and technologies.
The above serves as a basis for understanding the type of work performed. Ad-hoc duties may be assigned as required.
Qualifications and desired qualities:
Bachelor’s degree or higher, major in Cybersecurity is a plus.
Certifications: GCIA, GCIH, CISSP, CISM, GSEC or similar certification preferable.
Strong investigative and analytical mindset with attention to details.
A good team player, self driven and able to act as individual contributor.
Consistently demonstrates clear and concise written and verbal communication.
Manage work relationship with peers and partners.
Work Experience:
8+ years of relevant experience in Cybersecurity operations.
Security Operations Center experience required.
Understand the life cycle of network threats, web attacks, attack vectors, methods of exploitation and aware of the evolving of cyber threat landscape.
Ability to conduct analysis utilizing various logs to identify unusual behavior that may indicate malicious activity.
Good understanding of computer networks, email flow, and operating system logs.
Experience with automation and scripting. Preferably in Powershell/Python.
Experience in XSOAR platforms.
------------------------------------------------------
Job Family Group:
Technology------------------------------------------------------
Job Family:
Information Security------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Most Relevant Skills
Please see the requirements listed above.------------------------------------------------------
Other Relevant Skills
For complementary skills, please see above and/or contact the recruiter.------------------------------------------------------
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.
If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View Citi’s EEO Policy Statement and the Know Your Rights poster.
Citi Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Citi and has not been reviewed or approved by Citi.
-
Healthcare Strength — Benefits coverage is positioned as comprehensive, including health, dental, and vision insurance plus on-site clinics, prescription drug support, and disability coverage. Family-building support such as fertility assistance is described as a notable differentiator within the overall package.
-
Retirement Support — Retirement benefits are framed as strong, highlighted by a 401(k) with matching and additional plan options like a Roth 401(k). Financial support is reinforced through discounts and broader financial guidance resources tied to the benefits ecosystem.
-
Wellbeing & Lifestyle Benefits — Wellbeing support extends beyond insurance through programs like an Employee Assistance Program, counseling/legal resources, and gym or wellness reimbursement. These offerings increase the perceived total rewards value even when cash compensation sentiment varies by role.
Citi Insights
Similar Jobs
What We Do
Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients. We have 200 years of experience helping our clients meet the world's toughest challenges and embrace its greatest opportunities. We are Citi, the global bank – an institution connecting millions of people across hundreds of countries and cities.
