Citi
Cloud Security Incident Remediation Lead, VP (C13)
Citi, Greendale, Wisconsin, United States, 53129
Cloud Security Incident Remediation Lead, VP (C13)
CitiCiti is a leading global bank for institutions with cross-border needs, a global provider in wealth management and a U.S. personal bank.Citi has approximately 200 million customer accounts and operates in more than 160 countries. We provide a broad range of financial products and services, including consumer banking, corporate and investment banking, and wealth management.As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. Our Operations & Technology teams are charged with a mission that rivals any large tech company, providing the technical tools our workers need to be successful and ensuring our platforms deliver a first-class customer experience.Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life. We foster an environment where the best people want to work and ensure opportunities for personal development are widely available.The Role:Citi's Cloud Incident Response (IR) Team is looking for a highly skilled and experienced cloud incident response practitioner to support efforts aimed at protecting Citi's public cloud infrastructure, assets, clients, and stakeholders. This role will be a technical subject matter expert and an ambassador for the Cloud Incident Response team. You will collaborate closely with cloud security specialists and incident responders to react urgently to security events.As an individual contributor, you will triage and investigate cybersecurity incidents in Citi's public cloud environments. This position will be technically challenging and rewarding while providing ample opportunity to establish partnerships and shape team culture.Responsibilities:Lead and support in-depth triage and investigations of urgent cyber incidents and remediation in Cloud.Facilitate Cloud focused investigations by analyzing logs relevant to the underlying cloud service provider (CSP).Utilize automation to gather forensic artifacts for in-depth analysis.Take ownership of Cloud incidents and drive them to conclusion.Conduct host-based analytical functions to uncover Indicators of Compromise (IOCs) and Tactics, Techniques and Procedures (TTPs).Document investigation analysis capturing the Who, What, When, Where, Why, and How related to the incident.Develop, document, and maintain operationally effective playbooks to deal with Cloud-based incidents.Build and nurture key stakeholder relationships essential to the IR team success.Stay current with the evolving landscape of threat activities and cybersecurity best practices.Qualifications:4+ years' professional experience in Cloud Security and/or Information Security.2+ years' hands-on experience in Cyber Incident Response and Investigations.Hands-on experience with Cloud environments and security-oriented services.Strong working knowledge of Networking Protocols and Cloud Infrastructure Designs.Must have flexibility to work outside of normal business hours when necessary.Education:Bachelor's degree in a technically rigorous domain such as Computer Science, Information Security, Engineering, etc.1 or more of the following Certifications is highly preferred:AWS Certified Solutions Architect - ProfessionalAWS Certified Security - SpecialtyGCP Professional ArchitectGCP Professional Cloud Security EngineerThis job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Job Family Group:
TechnologyJob Family:
Information SecurityTime Type:
Full timePrimary Location:
Irving Texas United StatesSalary Range:
$125,760.00 - $188,640.00In addition to salary, Citi’s offerings may also include benefits such as medical, dental & vision coverage; 401(k); and wellness programs.Anticipated Posting Close Date:
Oct 17, 2024Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#J-18808-Ljbffr
CitiCiti is a leading global bank for institutions with cross-border needs, a global provider in wealth management and a U.S. personal bank.Citi has approximately 200 million customer accounts and operates in more than 160 countries. We provide a broad range of financial products and services, including consumer banking, corporate and investment banking, and wealth management.As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. Our Operations & Technology teams are charged with a mission that rivals any large tech company, providing the technical tools our workers need to be successful and ensuring our platforms deliver a first-class customer experience.Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life. We foster an environment where the best people want to work and ensure opportunities for personal development are widely available.The Role:Citi's Cloud Incident Response (IR) Team is looking for a highly skilled and experienced cloud incident response practitioner to support efforts aimed at protecting Citi's public cloud infrastructure, assets, clients, and stakeholders. This role will be a technical subject matter expert and an ambassador for the Cloud Incident Response team. You will collaborate closely with cloud security specialists and incident responders to react urgently to security events.As an individual contributor, you will triage and investigate cybersecurity incidents in Citi's public cloud environments. This position will be technically challenging and rewarding while providing ample opportunity to establish partnerships and shape team culture.Responsibilities:Lead and support in-depth triage and investigations of urgent cyber incidents and remediation in Cloud.Facilitate Cloud focused investigations by analyzing logs relevant to the underlying cloud service provider (CSP).Utilize automation to gather forensic artifacts for in-depth analysis.Take ownership of Cloud incidents and drive them to conclusion.Conduct host-based analytical functions to uncover Indicators of Compromise (IOCs) and Tactics, Techniques and Procedures (TTPs).Document investigation analysis capturing the Who, What, When, Where, Why, and How related to the incident.Develop, document, and maintain operationally effective playbooks to deal with Cloud-based incidents.Build and nurture key stakeholder relationships essential to the IR team success.Stay current with the evolving landscape of threat activities and cybersecurity best practices.Qualifications:4+ years' professional experience in Cloud Security and/or Information Security.2+ years' hands-on experience in Cyber Incident Response and Investigations.Hands-on experience with Cloud environments and security-oriented services.Strong working knowledge of Networking Protocols and Cloud Infrastructure Designs.Must have flexibility to work outside of normal business hours when necessary.Education:Bachelor's degree in a technically rigorous domain such as Computer Science, Information Security, Engineering, etc.1 or more of the following Certifications is highly preferred:AWS Certified Solutions Architect - ProfessionalAWS Certified Security - SpecialtyGCP Professional ArchitectGCP Professional Cloud Security EngineerThis job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Job Family Group:
TechnologyJob Family:
Information SecurityTime Type:
Full timePrimary Location:
Irving Texas United StatesSalary Range:
$125,760.00 - $188,640.00In addition to salary, Citi’s offerings may also include benefits such as medical, dental & vision coverage; 401(k); and wellness programs.Anticipated Posting Close Date:
Oct 17, 2024Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#J-18808-Ljbffr