Svp - Advanced Cyber Defense Team Lead (Apac)

The Advanced Cyber Defense (ACD) team is a tactical team inside the Citi Security Operations Center (SOC). The ACD team focuses on advanced threat analysis, custom threat detection techniques, SOC process improvement, and assisting in new security tools and technology evaluation._ **Responsibilities**: This position requires strong leadership, technical knowledge and prior management / team lead experience in a SOC using a wide variety of security tools for monitoring a large-scale enterprise environment. This role requires a highly motivated manager who possesses a strong leadership background and the ability to manage a diverse team of Security Analysts and interact with other teams regularly. This individual must be able to engage as required (including holidays and weekends) to assemble his / her team to act as a tactical team at time of major incident. - Experience with the selection, implementation, and management of enterprise security technologies, including SIEM, anti-virus, EDR, DLP, IDS/ IPS, vulnerability scanners, configuration management, and encryption - Oversee implementation of new technologies within SOC and lead automation of monitoring administrative tools - Experience with leading the development, implementation, and management of processes that ensure security countermeasures and monitoring are effective and sustained on all applicable systems. - Experience with leading the development, implementation, and management of incident response plans and response activities. - Work closely with Security Leadership to identify implement process changes, improvements and efficiencies and ensure solid security practices. - Lead the team by providing direction and guidance to team members in handling issues **Qualifications**: - Bachelor’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience). - 10+ years of experience of network/security architecture or operations experience. - Certifications: CISSP, CISM, GCIA, GWAPT, GCIH, GSEC, OSCP, OSCE, OSCP, or similar certification preferable - Security Operations Center experience required - Experience with threat hunting and incident investigation - Familiar with offensive tools, tactics, and techniques - Experience with Firewalls, Intrusion Detection/Prevention Systems, custom signature development skills. - Knowledge of various Operating Systems (Windows, Unix, Mac, etc) - Good understanding of computer networks and OSI model. - Experience working with log management, security monitoring, vulnerability management and security incident/event management tools - Proven leadership, communication, issue resolution and performance management skills - Ability and willingness to think outside of the box to find creative and innovative solutions to reduce costs with a mínimal impact on reliability. - Excellent project management skills, ability to work in a fast-paced and hectic work environment, ability to prioritize tasks effectively; and an ability to work seamlessly across organizational boundaries. - Must be flexible in outlook and have positive attitude under pressure / stress. - Excellent presentation skills and ability to present to senior management. - Excellent planning/time management skills. - Excellent client-facing skills. - Very good understanding of the compromises between reliability, efficiency and cost. **Education**: - Bachelor’s degree/University degree or equivalent experience - Master’s degree preferred This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required. **About Citi** Citi is a preeminent banking partner for institutions with cross-border needs, a global leader in wealth management and a valued personal bank in its home market of the United States. Citi does business in more than 160 countries and jurisdictions, providing corporations, governments, investors, institutions and individuals with a broad range of financial products and services. - **Job Family Group**: Technology - **Job Family**: Information Security - **Time Type**: Full time - Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. View the "**EEO is the Law**" poster. View the **EEO is the Law Supplement**. View the **EEO Policy Statement**. View the **Pay Transparency Posting