CrawlJobs Logo

Advanced Cyber Defense Analyst

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Hungary , Budapest

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Advanced Cyber Defense (ACD) team is a group inside the Citi Security Operations Center (SOC). The ACD is a full-time threat hunt team that focuses on advanced threat analysis, custom threat detection techniques, process improvement and evaluation of new security tools and technology. ACD team members are subject matter experts in multiple cyber security disciplines including threat hunting, content creation, network and end-point log analysis, malware analysis, Windows/Linux/Unix command line and scripting.

Job Responsibility:

  • Conduct research on new technology offerings and determine applicability in Citibank’s SOC
  • Evaluate and advise on the implementation and effectiveness of the cybersecurity safeguards to ensure that they provide the intended level of protection
  • Development of new tools, processes and procedures to enhance SOC monitoring and analysis capabilities
  • Perform risk assessments and threat modelling to identify gaps in SOC monitoring capabilities and devise strategies to minimize the risk
  • Conduct online research of the latest cyber threats and ensure those can be detected by existing in-house technologies
  • Identify redundant tasks and automate them to increase efficiency of the SOC team
  • Utilize SOAR to develop playbooks for automating complex use cases

Requirements:

  • 4-6 years working in the security & operations fields
  • Possessing strong fundamental knowledge of networks (TCP/IP) and operating systems (Windows/Linux)
  • Hands-on experience with cyber security solutions
  • SIEM, AV, NIDS, EDR etc.
  • Ability to investigate network traffic, read and interpret logs and packet captures, investigate email threats
  • Experience with cyber security incident response, web/shell programming as well as being familiar with malware and memory analysis techniques are advantageous
  • Fluency in English
  • Bachelor's Degree or higher preferred

Nice to have:

  • Critical thinking and analytical skills
  • Good written and oral communications skills
  • Team player with the ability to work independently
What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Socially active employee communities with diverse networking opportunities

Additional Information:

Job Posted:
March 22, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Advanced Cyber Defense Analyst

Computer Network Defense Analyst

Hoplite Solutions is seeking experienced Computer Network Defense Analysts (CNDA...
Location
Location
United States
Salary
Salary:
Not provided
hoplitesolutions.com Logo
Hoplite Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI with polygraph clearance
  • STEM degree in Network Engineering, Systems Engineering, Information Technology, or related field (extended military cyber training courses may be counted toward degree requirement)
  • Relevant experience in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering
  • Demonstrative experience w/SIGINT and AMOD
  • Experience in network or system administration
  • Documented foreign language proficiency may count toward experience requirements
  • Specific labor category determined by years of experience + educational degrees and/or equivalencies
Job Responsibility
Job Responsibility
  • Use information collected from a variety sources to identify potential vulnerabilities, respond to cyber events, and defend against events that might occur
  • Help develop mitigations to strengthen network defenses and protect against attacks on network infrastructure devices or systems
  • Support a wide range of data transport possibilities
  • Advance your career as you develop increasing expertise in networking protocols and architectures, cloud security, Internet of Things protocols, and advanced network security
  • Be part of a team, working together with government, military, and contractor personnel to develop shared understandings of intelligence needs, mission relevance, and areas of expertise
  • Apply your innate curiosity and analytical talent to form hypotheses, critically assess and choose analysis techniques, then query, merge, enrich, evaluate, and pivot within data to attain and share insights
  • Distill, document, contextualize and share your findings--including any new tradecraft that you develop--with teammates, stakeholders, and intelligence consumers
What we offer
What we offer
  • Paid holidays and vacation
  • Fully covered healthcare
  • Short- and long-term disability
  • Up to 7% 401(k) matching
  • Referral bonuses
  • Tuition reimbursement
  • Fulltime
Read More
Arrow Right

Senior Acquisition Intelligence Support contractor

MAINSAIL Group is looking for an experienced Intelligence & Cyber Analyst to joi...
Location
Location
United States , Hanscom AFB
Salary
Salary:
Not provided
mainsailgroupinc.com Logo
MAINSAIL Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Top Secret/SCI Clearance and U.S. Citizenship required for all applicants
  • Bachelor’s degree and 15 years of experience in intelligence support to acquisition programs
  • Advanced knowledge of DoD, USAF, AFLCMC and private-sector acquisition principles, guidance, Executive Orders, regulations and procedures relevant to intelligence support to major Defense acquisition efforts
  • Knowledge of cyber threats and intelligence tracking and assessments of such threats, as they may impact SAOC mission areas
  • Experience supporting a range of DoD acquisition activities through various stages of the Defense Acquisition cycle
  • Possess the knowledge and mindset to play a key “forward leaning” support role as a senior contractor
  • The ability to effectively communicate in both written and verbal forms on highly technical topics
Job Responsibility
Job Responsibility
  • Contribute to and address specific SAOC program intelligence requirements while assessing the impact of technically advanced threat and security support issues to reduce program and operational risks
  • Work with SAOC Cyber team to assess cyber threats to SAOC mission areas and assist in developing solutions to such threats
  • Team with program offices, product centers, and the Intelligence Community (IC) to provide system engineering and technical analysis level inputs in support of major acquisition decisions
  • Provide acquisition intelligence technical and analytical support as outlined in annual Intel Support Taskings from AFLCMC/IN and external PEO customers
  • Review, tailor and analyze Threat Assessments relevant to the SAOC mission areas
  • Review, tailor and analyze System Threat Analysis Reports (STAR) and Validated On-Line Life-Cycle Threats (VOLTS) to the SAOC mission areas
  • Review, tailor and analyze ISR dependencies and Requirements that will support the SAOC mission areas
  • Review, tailor and analyze cross-program analyses, including external programs that impact SAOC subsystems and capabilities
  • Support technical Adversary Cyber Threat Assessments (ACTA) relevant to the SAOC mission areas
  • Support technical Intelligence supportability analyses for the SAOC mission areas
  • Fulltime
Read More
Arrow Right

Cyber Intelligence Operations Analyst

Amentum has an opportunity for a highly qualified Cyber Intelligence Operations ...
Location
Location
United States , Wahiawa
Salary
Salary:
165000.00 - 185000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science, Information Security, Cybersecurity, Intelligence/International Studies, or related field
  • Minimum of 4 years of experience in intelligence analysis with a focus on cyber threats or operations
  • Proficiency in intelligence analysis tools and techniques, such as data visualization, link analysis, and threat modeling
  • Familiarity with Intelligence inputs to MDMP, JPP, and the Joint Targeting Cycle
  • Active Top-Secret Clearance with SCI eligibility and current CI Polygraph
  • US Citizenship is required to obtain a Top-Secret Clearance
Job Responsibility
Job Responsibility
  • Conduct in-depth analysis of cyber threat intelligence, including emerging malware, vulnerabilities, and attack vectors
  • Collect, evaluate, and fuse intelligence from diverse sources, including open-source intelligence (OSINT), signals intelligence (SIGINT), human intelligence (HUMINT), and technical intelligence (TECHINT). Identify correlations and patterns to enhance situational awareness and predictive analysis
  • Assess the potential impact of cyber threats on network infrastructure and operations. Collaborate with cyber defense teams to develop and implement mitigation strategies and countermeasures
  • Provide intelligence support during cyber incident response activities, including analysis of indicators of compromise (IOCs), attribution of cyber-attacks, and identification of adversary tactics, techniques, and procedures (TTPs)
  • Prepare and deliver clear and concise intelligence products, including reports, briefings, and presentations, for a diverse audience, including senior leadership, operational stakeholders, and technical teams
  • Foster collaboration and information sharing with internal and external stakeholders, including other intelligence agencies, law enforcement, industry partners, and allied nations, to enhance cyber threat awareness and response capabilities
  • Stay abreast of emerging cyber threats, technologies, and methodologies through continuous research and professional development. Contribute to the development of new analytical techniques, tools, and processes to improve intelligence analysis and cyber defense capabilities
  • Conduct target system analysis to support entity of interest for offensive cyberspace operations, coordinate for intelligence production and analysis to support advance technical development for offensive operations
  • Execute collection management drawing subordinate unit intelligence requirements and overseeing their progress through the various means of collection to resolve intelligence gaps
  • Develop Targets through Advanced Target development to achieve vetted and validated COCOM level targets for mission package execution
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime
Read More
Arrow Right

Forensic Analyst

Join the international Cyber Security Operations Center (SOC) as a Forensic Anal...
Location
Location
Canada , Montréal
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency with Windows, Macintosh, Linux/UNIX, and DOS operating systems
  • Strong understanding of information systems security, network architecture, and general database concepts
  • Experience with forensic tools (e.g., EnCase, FTK, Magnet Axiom), security assessments, penetration testing, and ethical hacking
  • Ability to conduct exams on compromised computers and servers, and perform live network analysis
  • Excellent written and oral communication skills
  • Ability to manage multiple projects, work under pressure, and maintain confidentiality
  • Experience managing client relationships, forensic cases, and corporate incidents
  • Relevant cybersecurity certifications (GCFA, CIH, GCFE, GCIA) are required
  • Professional proficiency in English (oral and written)
Job Responsibility
Job Responsibility
  • Lead and execute incident response missions to determine the cause and extent of security incidents
  • Conduct forensic investigations and electronic discovery for the cyber security group and legal department, using advanced forensic tools and proprietary methodologies
  • Manage and participate in forensic incident response missions (networks, systems, malware analysis, etc.)
  • Support the DFIR manager by communicating assignment progress and issues
  • Participate in Cyber Defense Center collaboration, projects, and compliance efforts related to CERT matters
  • Maintain a computer forensic lab and support SOC incident investigation activities
  • Contribute to advanced threat hunting and the enhancement of cybersecurity detection and response maturity
What we offer
What we offer
  • Competitive salary and annual performance bonus
  • Comprehensive benefits package: life insurance, long-term disability, health care, dental, vision, and a health spending account to support your well-being (Sopra Steria covers 100% of premiums)
  • Paid time off: sick leave, personal days, and 3 weeks of vacation
  • Monthly transportation allowance
  • Excellent training, development, and career advancement opportunities, with active support to strengthen your skills in a caring, collaborative, and inclusive company culture
  • Hybrid work environment
  • Provided equipment to ensure optimal productivity
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Specialist

Seeking a Senior Cybersecurity Specialist that is able to work with a dynamic te...
Location
Location
United States , Boston
Salary
Salary:
Not provided
mcdean.com Logo
M.C. Dean, Inc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Top Secret clearance with the ability to obtain
  • U.S. Citizenship
  • Bachelor’s Degree in Computer Science, Engineering, Information Technology, or Cybersecurity Discipline preferred
  • 12+ years of demonstrated experience in Information Security
  • Good working knowledge of both DoD and Federal Government Cybersecurity/Information Assurance Security policies and procedures
  • 9+ years of applicable experience with a Master's Degree
  • 15+ years of applicable experience with an Associate's Degree
  • Demonstrated experience leading Cybersecurity Teams
  • Demonstrated experience with combined Risk Management Framework (RMF) and/or other system authorization and accreditation processes and NIST 800-53 controls
  • Demonstrated experience accrediting systems using Enterprise Mission Assurance Support Service (eMASS)/Xacta or similar, McAfee Host Based Security System (HBSS) or similar, and Nessus
Job Responsibility
Job Responsibility
  • Manage a team of engineers, analysts, and cybersecurity specialists
  • Be the contract Subject Matter Expert (SME) all matters related to Cybersecurity and the Risk Management Framework (RMF), and cyber compliance/tools (e.g., eMASS/XACTA, Nessus, HBSS, Splunk, etc.)
  • Drive team awareness of newly emerging Department of Defense cyber requirements
  • Bring forward suggestions on potential new cybersecurity related tools that will drive automation of team processes
  • Ensure Risk Assessments, Exemption/Exception requests and RMF Packages meet compliance
  • Ensure team is monitoring, reporting, and assessing Cyber compliance for all Operations and Infrastructure on schedule and in accordance with government policies
  • Ensure team maintenance, monitoring, reporting, and assessment of Cyber compliance on all security tools and technology
  • Ensure team is monitoring, reporting, and assessment of Cyber internal and external policy compliance
  • Work to mitigate risk across security system’s infrastructure
  • Interface daily with program management, operations, and engineers leads
What we offer
What we offer
  • Medical, dental, vision, life, and disability insurance
  • Paid time off
  • Tuition reimbursement
  • 401k Retirement Plan
  • Military Reserve pay offset
  • Paid maternity leave
  • Professional and technical training programs
  • Leadership training
  • Fulltime
Read More
Arrow Right

Expert Incident Response Cybersecurity Analyst

Expert Incident Response Cybersecurity Analyst. This role has been designed as ‘...
Location
Location
Ireland , Galway
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience desired
  • 6+ years of experience in cybersecurity, with a focus on incident response and threat analysis desired
  • Proven experience in security tools and technologies, including SIEM, EDR, and Incident ticketing technology
  • Strong knowledge & understanding of common attack vectors and threat actor tactics, techniques, and procedures
  • Expertise in Security Information and Event Management (SIEM) tools and related security platforms
  • Demonstrates exceptional proficiency in performing log analysis across common environments (Windows, Linux, AWS, Azure, GCP)
  • In-depth knowledge of common security threats, vulnerabilities, and attack methodologies – including advanced persistent threats (APTs) and zero-day exploits
  • Extensive experience with performing in-depth incident investigation, documenting findings, and developing actionable remediation plans
  • Strong communication skills
  • Ability to work independently and on high-impact projects in fast-paced environments
Job Responsibility
Job Responsibility
  • Monitor and analyze network traffic, logs, and alerts to identify and respond to security incidents
  • Conduct in-depth investigations of security incidents, including root cause analysis and impact assessment
  • Develop and maintain security tools and processes to improve the efficiency and effectiveness of the Cyber Defense Center
  • Collaborate with other teams, including IT, Legal, and Communications, to ensure a coordinated response to security incidents
  • Provide expert advice and guidance to other teams on cyber security best practices and risk management
  • Combines deep industry expertise with a thorough understanding of information and security technology to effectively analyze associated logs and respond to high severity incidents
  • Contributes to the company's security response methods, suggesting automation opportunities which can enhance IR
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies, driving innovation within the organization's threat detection and response capabilities
  • Foster a culture of continuous improvement and innovation, encouraging the adoption of new technologies and methodologies within the team
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Fulltime
Read More
Arrow Right
New

Information Security Engineering Manager - DLP & WES Team

Wells Fargo is seeking a Information Security Engineering Manager for their Cybe...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
January 29, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 2+ years of Leadership experience
  • Bachelor’s or Master’s in Technology, Engineering, or equivalent experience
  • 4 years of progressive experience in information security, with a strong focus on data protection and risk management in large, regulated environments
  • At least 4 years in leadership roles, demonstrating the ability to build, mentor, and manage high-performing teams of security engineers and analysts
  • Demonstrated ability to assess and manage risks related to data exfiltration, analyze emerging threats, and incorporate innovative technologies and methodologies into enterprise data loss prevention and monitoring
  • Demonstrated expertise in engineering and refining DLP policies for web, email, and cloud channels, including SaaS application risk management
  • Advanced knowledge of Security Information and Event Management (SIEM) platforms and industry standard data protection solutions
  • Exceptional leadership, stakeholder engagement, and program management skills, with a track record of driving operational excellence and fostering a culture of collaboration and continuous learning
  • Ability to communicate complex security concepts to senior leadership and cross-functional teams
Job Responsibility
Job Responsibility
  • Manage a team of engineers that design, document, test, maintain and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication or directory services, email, internet, applications or endpoint security
  • Manage security consulting on large projects for internal clients to ensure conformity with corporate information security policy, and standards
  • Possess subject matter expertise at a mastery level in current and emerging security solutions and best practices
  • Review and correlate security logs
  • Manage computer security incident response activities for highly complex events
  • Conduct technical investigation of security-related incidents, and conduct post-incident digital forensics to identify causes and recommend future mitigation strategies
  • Manage implementation of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Work with more experienced technologists and team
  • Interface with more experienced management
  • Manage allocation of people and financial resources for Information Security Architecture
  • Fulltime
Read More
Arrow Right
New

Senior Managed Services Information Security Analyst

The Senior Managed Services Information Security Analyst is an advanced subject ...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or relevant qualification in Information Technology or Computing or a related field
  • Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar
  • Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous
  • Advanced experience in SOC Analysis Operations
  • Advanced experience in SIEM usage for investigations
  • Advanced experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy
  • Advanced experience in dealing with technical support to clients
  • Advanced experience in handling security incidents end to end
  • Advanced experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools
  • Advanced experience in Security Analysis or Engineering preferably gained within a global services organization
Job Responsibility
Job Responsibility
  • Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts
  • Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting
  • Monitors security tools to review and analyze security logs from client environments
  • Generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience
  • Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards
  • Utilizes and documents best practices and amend existing documentation as required
  • Identifies opportunities to make automations which will help the clients and security delivery teams
  • Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics
  • Utilizes a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure
  • Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as and when required
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy