Citi Security Operations Center (SOC) Analyst in Irving, Texas
Primary Location: United States,Texas,Irving
Education: Bachelor's Degree
Job Function: Technology
Shift: Day Job
Employee Status: Regular
Travel Time: No
Job ID: 16012939
The Security Operations Center Information Security Analyst will be part of the SOC Team. This center monitors, analyses and responds to infrastructure threats and vulnerabilities. SOC Analysts will be responsible for performing the day-to-day monitoring of Citi's environment, analyzing, responding to events as necessary and providing technical support.
These operations are critical since they provide Citi's first line of defense against infrastructure attacks.
•Analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices which requires demonstrable security incident response experience.
•Follow pre-defined actions to handle BAU and High severity issues including escalating to other support groups. Execute daily adhoc tasks or lead small projects as needed.
•Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics.
•4+ years working in the security & operations fields.
•Bachelor's Degree or higher preferred.
•Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security).
•Experience in web development and programming languages i.e. Java, XML, Perl and HTML.
•Ability to read and understand packet level data.
•Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, etc)
•Knowledge of cutting edge threats and technologies effecting Web Application vulnerabilities and recent internet threats.
•Exposure on Vulnerability assessment as well as penetration testing or forensic analysis fields are an advantage.
•A good understanding of security, web-based and infrastructure vulnerabilities is required.
•Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA].