Cyber Defense Analyst, Citi

Citi

Location:
Mexico, Ciudad De Mexico

Category:
IT - Administration

Contract Type:
Not provided

Salary:

Not provided

Save Job

Apply Position

Job Description:

The cyber defense analyst for Services within the Business, Functions and Technology (BFT) is responsible for maintaining a secure technology ecosystem free from high-risk vulnerabilities and rapidly respond to the changing threat landscape and business demand to mitigate cyber risk for the Services business.

Job Responsibility:

Ensure business and technology remain within appetite for all applicable CSRAs and sustain it with the consistent operating model
Enhance current VTM and GEM operating model in line with BFT Risk Governance organization with Path-to-appetite and reporting
Timely escalate to CISO LTs and Businesses and ensure VTM Risk Treatment responses are entered in a timely fashion
Support VO Organization to improve the quality and integrity of VTM/GEM reports
Continue supporting VTM and GEM Uplift Program activities and reduce risk while reducing stakeholders’ pain-points (data/reporting, false positives, processes)
Perform root cause analysis of VA Issues and identification of repeated offenders for high risk vulnerabilities
Identify areas of repeating SIRT incidents, related trending and work with technology team and ISO contacts in reducing repeat volume instances
Identify opportunities for improving SIRT workflow efficiencies and developing reporting which better reports on root causes for bringing down repeat instance volumes
Work with SIM and ISO community to facilitate the adherence of SIRT reporting timelines as per defined within SIRT standard, as well as identify deviations and its cause (Project Dixson)
Define and document escalation and response procedures between IR CFSC and Cyber Defense
Document/update a Cyber Response plan or guideline to complement Business or Country Crisis Management Plans and support Crisis Management Team training

Requirements:

6-10 years of relevant experience
Understanding of security frameworks, specifically the Cyber Risk Institute (CRI) Profile
Proficient in interpreting and applying policies, standards, and procedures
Extensive knowledge of information security specifically in application security as well as risk assessment methodologies, tools, and industry standards
Strong analytical, and problem-solving skills
Excellent communication and interpersonal skills
CRISC, CISA, CISM, CISSP preferred
At least intermediate-level proficiency in Microsoft Office tools

Additional Information:

Job Posted:
May 09, 2025

Employment Type:

Fulltime

Work Type:

On-site work

View All Jobs In This Company

Job Link Share:

Cyber Defense Analyst