Cyber Security Fusion Center Incident Lead Analyst

Are you looking for a career move that will put you at the heart of a global financial institution? Then bring your skills in analysis, problem solving and communication to Citi bank. By Joining Citi, you will become part of a global organisation whose mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress.

The Cyber Security Fusion Center (CSFC) Incident Lead Analyst is responsible for driving firm-wide effort to prepare, respond and recover from potential cyber threats and attacks. This role ensures the firm is globally prepared to respond to cyber incidents (resulting from a cyber or technology nexus). This is accomplished through proactive monitoring of emerging incidents, development and execution of cyber incident exercises, and review and maintenance of procedures and runbooks necessary to ensure an orderly response and recovery from cyber events. The CSFC Incident Analyst operates a virtual war room and incident management function during events to ensure coordination, mitigation, and recovery from events in a timely manner. This role also provides a single source of consolidated information, and subsequent incident communication/notifications.

We are looking for proactive and curious individuals to join our team to run exercises and activities to put our most senior leaders to tests with the mission to keep Citi and Citi’s customers safe.

**Responsibilities**:

- Executes under crisis conditions regardless of the seniority of the audience, with a sense of urgency and mission
- Monitor information sources, including, but not limited to - SIRTS, intelligence updates, major incident channels (ServiceNow), and external news sources - to triage and assess events that may impact Citi, our clients or 3rd parties.
- Facilitate the coordination, communication and escalation response of major cyber incidents impacting our businesses, 3rd parties, vendors and clients
- Serve as a liaison between the CISO, Business and 3rd Party oversight teams, promoting rapid escalation of cyber events and translating cyber technical details into laymen’s terms
- Leads design, planning, coordination and execution of global cyber incident exercises
- Engages country leadership, global business leaders and internal functional teams to assess requirements and identify opportunities to incorporate innovation and improve exercise scope
- Analyzes and presents team outcomes to senior leadership, regulatory bodies and internal business stakeholders

**Qualifications**:

- Extensive relevant experience. Senior stakeholder engagement experience desired
- Incident/Crisis management experience including: Ownership, Assessment and initial support, Escalation/Notification, Business Impact Analysis, Resolution Tracking, Senior escalations
- Experience in exercise design, planning and execution.
- Excellent written and verbal communication skills required to influence and negotiate with senior leaders across functions (including experience in communications with external parties)
- Understanding of Project Management Standards and Stakeholder Management
- Desired professional qualifications: ISC2 Certified in Cybersecurity, Comptia Security+

**Education**:

- Bachelor’s degree/University degree or equivalent experience
- **Job Family Group**:
Technology
- **Job Family**:
Information Security
- **Time Type**:
Full time
- Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

View the "**EEO is the Law**" poster. View the **EEO is the Law Supplement**.

View the **EEO Policy Statement**.

View the **Pay Transparency Posting