Citi SOC Advanced Cyber Defense Team Member in Irving, Texas
Primary Location: United States, Texas, Irving
Education: Bachelor's Degree
Job Function: Technology
Shift: Day Job
Employee Status: Regular
Travel Time: No
Job ID: 18001929
The Advanced Cyber Defense (ACD) team is a group inside the Citi Security Operations Center (SOC). The ACD team focuses on advanced threat analysis, custom threat detection techniques, SOC process improvement, and assisting in the evaluation of new security tools and technology. ACD team members need experience in multiple security disciplines, including IDS signature creation, log analysis, malware analysis, and Linux/Unix command line and scripting. ACD team member duties include, but are not limited to: developing new processes and procedures to enhance SOC monitoring, analysis and escalation procedures; researching new areas of risk and exposure where the SOC should focus; participating in major security events as a Subject Matter Expert (SME); and providing guidance to SOC Tier 1 and SOC Tier 2 analysts' investigations and performing further analysis as needed.
• Enhance current deployment of commercial tools used by Security Operations Center.
• Develop new processes and procedures to enhance SOC monitoring, analysis and escalation procedures.
• Research and identify new areas of risk and exposure where the SOC should focus.
• Participate in major security events as subject matter expert.
• Participate in SOC internal projects such as SOC tools development, data analytics and SOC lab expansion.
• Provide guidance to SOC Tier 1 and SOC Tier 2 on investigations and further analysis as needed.
The candidate should have a Security Operations Center / Technical Cyber Intelligence analyst background. He/she should be able to perform SOC analyst Tier 2 duties in addition to having the following experience and advanced threat analysis skills:
• Overall understanding of network and application analysis
• Malware Analysis
• Network security monitoring and intrusion detection
• Application Security Monitoring
• Programming and debugging