CrawlJobs Logo

Information Security Professional Lead Analyst

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Philippines , City of Taguig

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Info Sec Prof Lead Analyst is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Job Responsibility:

  • Design and implement a solution for performance measurements on effectiveness of controls and overall vulnerability assessment program
  • Analyze trends on assets security health posture and report using visualization tools for program review with management and stakeholders
  • Analyze and report aggregated data from multiple data sources
  • Develop data visualization mock-ups for monitoring program data trends and communicate using analytical tools
  • Develop reports for tracking program effectiveness and update power point deck for weekly, monthly and quarterly updates
  • Develop, optimize and provide continuous support for reports and ad-hoc queries from end user
  • Create dashboards with parameters and interactive drill down functionality
  • Analyze trends on assets security health posture and report using visualization tools for program review with management and stakeholders
  • Excellent Analytical Ability - Understand the systems and data flow at a high level to evaluate if appropriate controls are in place for the standards
  • Provide timely, accurate, and actionable reporting on application vulnerability activity, trends, service levels, and areas of concern to senior management
  • Streamline and automate report creation and distribution for weekly & monthly reporting
  • Work with the Metrics reporting team to enhance and refine the metrics and key performance indicators reported to senior management and external regulatory agencies
  • Develop User acceptance test plans for testing changes to system enhancements that impact governance and compliance
  • Document business requirements related to system enhancements and submit for reviews and approvals
  • Perform data analysis from multiple systems and assess completeness of data for reporting
  • Ensure data integrity and compliance by performing data audits and data validation
  • Performs root cause analysis on metric trends and provide insight to governance team for appropriate refinements to rules

Requirements:

  • At least 7+ years of strong data analysis and report development experience
  • 7+ years of experience in information security or related technology experience required
  • At least 7+ years’ experience with Business Intelligence Reporting tools like Cognos, Tableau
  • At least 7+ years’ experience with Databases like Oracle, SQL Server, Microsoft Access
  • Strong Business Intelligence Developer Skills
  • Strong understanding of application development life cycle, CI/CD and DevOps concepts
  • Excellent Excel data analysis and Access database skills
  • Excellent SQL Skills
  • Experience with issue resolution - ability to research, identify and communicate solutions
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills

Nice to have:

Master’s degree preferred

Additional Information:

Job Posted:
April 30, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Information Security Professional Lead Analyst

Information Security Education Analyst

The Information Security team is growing, and we are looking for a creative, mot...
Location
Location
Canada , Toronto
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of professional experience in communications, creative design, and employee engagement, ideally within a corporate or enterprise environment
  • Proven ability to lead employee-facing communication campaigns, craft compelling messages, and design creative content that drives measurable engagement
  • Strong experience with writing and delivering messages to large and diverse audiences across multiple media channels (email, Slack, posters, intranet, social media, etc.)
  • Excellent written and verbal communication skills
  • Advanced experience with graphic design tools and a strong eye for impactful, brand-aligned design
  • Highly organized with strong project management skills and an ability to manage multiple tasks simultaneously
  • A proactive, self-starter mentality and the ability to thrive in a collaborative environment
  • Some background in cybersecurity awareness or a related area — strong interest in security concepts is essential, but deep technical expertise is not required
  • Ability to exercise sound judgment in communications and engagement approaches, escalating unusual or sensitive matters to senior staff when appropriate
  • Developing professional expertise in security awareness, with the ability to apply core communication principles while learning security-specific practices
Job Responsibility
Job Responsibility
  • Support the program Lead in developing and delivering the information security education program aimed at promoting positive security behaviors and reducing risky practices
  • Independently lead the planning, design, and delivery of security education campaigns, with a focus on creative storytelling, employee engagement, and communications strategy
  • Help manage and execute our security awareness campaigns, including planning, scheduling, and content delivery
  • Contribute to the design and creation of educational materials, such as presentations, infographics, posters, and email communications, ensuring they are visually appealing and easy to understand
  • Support the coordination and delivery of security trainings for various employee groups
  • Assist with the administration of our phishing simulation campaigns and help analyze the results to measure program effectiveness
  • Draft clear and concise security communications that simplify complex technical topics for a non-technical audience
  • Set objectives for your work area by creating measurable communication and engagement outcomes (e.g., campaign reach, employee participation, engagement rates) and recommend improvements based on results
  • Contribute communications-driven solutions to tactical security education issues and present recommendations to managers for implementation
  • Collaborate with the broader Information Security team to stay up-to-date on emerging threats and translate them into relevant awareness content
What we offer
What we offer
  • Medical, dental, vision, pension plan, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
  • Fitness allowance, employee discount programs, free games & events, stocked pantries
  • Fulltime
Read More
Arrow Right

Information Security Education Analyst

The Information Security team is growing, and we are looking for a creative, mot...
Location
Location
United States , New York
Salary
Salary:
85700.00 - 126860.00 USD / Year
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of professional experience in communications, creative design, and employee engagement, ideally within a corporate or enterprise environment
  • Proven ability to lead employee-facing communication campaigns, craft compelling messages, and design creative content that drives measurable engagement
  • Strong experience with writing and delivering messages to large and diverse audiences across multiple media channels (email, Slack, posters, intranet, social media, etc.)
  • Excellent written and verbal communication skills
  • Advanced experience with graphic design tools and a strong eye for impactful, brand-aligned design
  • Highly organized with strong project management skills and an ability to manage multiple tasks simultaneously
  • A proactive, self-starter mentality and the ability to thrive in a collaborative environment
  • Some background in cybersecurity awareness or a related area — strong interest in security concepts is essential, but deep technical expertise is not required
  • Ability to exercise sound judgment in communications and engagement approaches, escalating unusual or sensitive matters to senior staff when appropriate
  • Developing professional expertise in security awareness, with the ability to apply core communication principles while learning security-specific practices
Job Responsibility
Job Responsibility
  • Support the program Lead in developing and delivering the information security education program aimed at promoting positive security behaviors and reducing risky practices
  • Independently lead the planning, design, and delivery of security education campaigns, with a focus on creative storytelling, employee engagement, and communications strategy
  • Help manage and execute our security awareness campaigns, including planning, scheduling, and content delivery
  • Contribute to the design and creation of educational materials, such as presentations, infographics, posters, and email communications, ensuring they are visually appealing and easy to understand
  • Support the coordination and delivery of security trainings for various employee groups
  • Assist with the administration of our phishing simulation campaigns and help analyze the results to measure program effectiveness
  • Draft clear and concise security communications that simplify complex technical topics for a non-technical audience
  • Set objectives for your work area by creating measurable communication and engagement outcomes (e.g., campaign reach, employee participation, engagement rates) and recommend improvements based on results
  • Contribute communications-driven solutions to tactical security education issues and present recommendations to managers for implementation
  • Collaborate with the broader Information Security team to stay up-to-date on emerging threats and translate them into relevant awareness content
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision
  • 401(k) with company match
  • Employee stock purchase plan
  • Commuter benefits
  • In-house wellness program
  • Broad learning & development opportunities
  • A charitable giving platform with company match
  • Fitness allowance
  • Employee discount programs
  • Discounted games & events
  • Fulltime
Read More
Arrow Right

Security Incident Management Analyst

The Security Incident Management Analyst is an intermediate level position respo...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Relevant professional certifications issued by GIAC, AWS, etc., preferably GCCC, GCIH, CEH, ECSA
  • General Industry knowledge of reporting obligations pertaining to local and national laws and regulatory bodies such as OCC, SEC, ECB, MAS
  • Working knowledge of common security models (Defense-in-Depth) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)
  • Working knowledge of VERIS taxonomy
  • Working knowledge of OSI model
  • Working knowledge of security and/or incident response in cloud environments
  • Working knowledge of software development best practices, including agile methods
  • Familiar with Atlassian tools
  • Previous experience working in highly regulated environment
  • Previous experience in a fusion center and/or exposure to large scale incident response
Job Responsibility
Job Responsibility
  • Work as part of a best in class ‘follow the sun’ security incident response team
  • Lead and manage incident response activities to ensure that requisite triage, containment, and eradication are completed within targeted timeframes
  • Ensure that the security incident record is complete, accurate and fit for purpose
  • Collect and analyze evidence including investigative findings and prepare to coordinate with internal and external compliance and audit personnel
  • Execute incident response meetings and communicate complex security topics
  • exhibit good judgment and discretion when initiating escalations to all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed by appropriate selection
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing information security standards to align procedures and practices in pursuit of compliance with Citigroup standards
  • Validate compliance with information security policies, practices, and procedures, and resolve a variety of information security related issues in coordination with the relevant business(es)
  • Fulltime
Read More
Arrow Right

Lead IT Threat Hunt Analyst

The Lead IT Threat Hunt Analyst proactively identifies and neutralizes cyber thr...
Location
Location
United States
Salary
Salary:
103700.00 - 134460.00 USD / Year
amtrak.com Logo
AMTRAK
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Computer Science, Information Systems, or related field
  • Professional security‐related certifications (e.g. GIAC Certified Forensic Analyst (GCFA), Certified Information Systems Security Professional (CISSP), or equivalent)
  • Enterprise security experience in threat intelligence, investigative and hunt methodologies, detection engineering, security operations and/or incident response
  • Knowledge of Mitre ATT&CK matrices (Enterprise, ICS, Cloud) to map adversary tactics, techniques and procedures (TTPs) and inform structured hunts
  • Knowledge of OS triage artifact analysis and incident investigative methods
  • Strong analytical skills and proficiency with SIEM, EDR, CASB, IDS/IPS, AV, DLP UEBA, FW, and forensic investigative technologies
  • Ability to design and review multi-source correlation queries using Kusto, Kibana and/or Structured query languages, across endpoint, cloud, network, application and identity data
Job Responsibility
Job Responsibility
  • Conduct proactive, intelligence-driven threat hunts to identify adversary activity, cyber risks and anomalies, identifying and investigating potential threats to critical infrastructure and operations
  • Evaluate, analyze and synthesize large quantities of data to uncover anomalous activity capable of introducing risk to Amtrak environments
  • Search for potential vulnerability exploitation, post-compromise activity or security control gaps based on emerging and known adversary tactics, techniques and procedures (TTPs), user behavior, endpoint threat detection, network behavior analytics, machine learning-derived trends and external threat reports
  • Review EDR telemetry, Firewall, IDS/IPS logs, web content filtering logs, net flow device logs, antivirus logs
  • Work closely with other cybersecurity teams (detection engineering, threat intelligence, incident response and security operations) and operational technology service owners to escalate anomalous findings, contribute to detection logic improvements and verify security control implementations
  • Support and participate in formal reporting related to threat hunt findings, implementation of security controls and improvements to Cyber Security Operations processes
  • Capture hunt byproducts indicative of poor cyber hygiene practices, company policy violation or misuse
  • support incident investigations, as needed
  • Participate in the evaluation and recommendation of hardware and software systems that provide security functions
  • Respond and resolve problems, security incidents and forensic investigations, as needed
What we offer
What we offer
  • health, dental, and vision plans
  • health savings accounts
  • wellness programs
  • flexible spending accounts
  • 401K retirement plan with employer match
  • life insurance
  • short and long term disability insurance
  • paid time off
  • back-up care
  • adoption assistance
  • Fulltime
Read More
Arrow Right

Cybersecurity GRC Tool Analyst

Cybersecurity GRC Tool Analyst to analyse the technology requirements of the var...
Location
Location
Canada
Salary
Salary:
97600.00 - 181000.00 CAD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Security, Information Technology, Risk Management or a related field, or equivalent experience
  • CISSP, ISO 27001 Lead Implementer, or similar certification
  • GRC platform certifications (e.g., Archer Certified Professional, ServiceNow GRC, Drata Admin, OneTrust Certified)
  • ITIL Foundation (a plus)
  • 5-7 years of experience in Information Security, IT Governance, or Risk Management
  • 5+ years of experience working with GRC platforms (e.g., Archer, ServiceNow GRC, AuditBoard, Drata, OneTrust, or similar)
  • Expert at working with Governance Risk & Compliance platforms
  • Strong understanding of cybersecurity and compliance frameworks (e.g., NIST CSF, ISO 27001)
  • Experience with basic integrations and workflow configurations
  • Strong organizational skills and attention to detail
Job Responsibility
Job Responsibility
  • Administer and maintain the GRC platform, including configurations, workflows, and reporting dashboards
  • Support the integration of the GRC tool with key enterprise systems (e.g., asset inventory, ticketing systems, vulnerability management tools)
  • Collaborate with cybersecurity, policy, risk, compliance, and IT teams to capture business requirements and translate them into functional tool capabilities
  • Assist in onboarding and managing control frameworks (e.g., ISO 27001, SOC 2, NIST CSF, FedRAMP) within the platform
  • Monitor data quality, ensure accurate reporting, and maintain platform integrity
  • Support control owners and stakeholders in using the GRC platform for assessments, evidence collection, and tracking remediation activities
  • Maintain user roles and permissions, ensuring proper access management
  • Document processes, workflows, and platform configurations
  • Provide training and guidance to end users on tool functionality and best practices
  • Coordinate with tool vendors for issue resolution, upgrades, and enhancements
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Acquisition Analyst

The candidate will be required to create and maintain a single Program Integrate...
Location
Location
United States , Redstone Arsenal, AL
Salary
Salary:
Not provided
qed-analytics.com Logo
QED Analytics Inc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree Required
  • Must have 5-10 years' experience
  • Experience using MS Project Professional
  • Capable of leading and executing tasks associated with Integrated Master Schedule (IMS) planning, development, execution, and analysis for complex weapon systems
  • Proficiency in Milestones Professional and working knowledge of @Risk for MS project is highly desired
  • Demonstrated experience supporting and interacting on a daily basis with high level DOD Officials (06 and above, GS equivalent), sitting on-site with the DOD Program
  • Demonstrated MS Office skills, particularly Excel and PowerPoint and relational database tools for data management (and reporting) are required
  • SECRET or greater Security Clearance
Job Responsibility
Job Responsibility
  • Create and maintain a single Program Integrated Master Schedule (IMS) using Microsoft Project and/or Primavera P6
  • Incorporate updating status information into the Government IMS from the prime contractor IMS and Govt organizations
  • Provide critical path impact analysis and recommend conflict resolution actions as required to the Government Program Manager
  • Provide additional program top level reports of the Program IMS using Milestones Professional
  • Manipulate and update schedules during meetings and respond to questions from customers regarding milestones and changes
  • Aid with developing technology-based solutions to provide useful data in an easy-to-understand format using Contracts Manpower Dashboards, DAO Portal Management, Helpdesk Management, and Qlik dashboard development
  • Supports Defense Acquisition, Earned Value and Contracts on all strategic workforce development issues including manpower, retention, staffing, and other functional operations within the Missile Defense Agency
  • Administration of in-house database PRIDE (Personnel Resource Internet Database Environment) maintaining accuracy of records through weekly updates, managing move logistics/space assignments
  • Trusted agent duties for MDA incentive awards, provide weekly reports of incentive awards totals and percentage obligated from Acquisition, Contracts, and Earned Value programs
Read More
Arrow Right

Manager – Security Architecture and Strategy

The Manager, Security Architecture and Strategy, is a key role in continent secu...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Technology, Information Security, Cybersecurity or related field
  • 3+ years IT/ information security work experience, preferably in a large organization
  • Experience in reviewing Security Architectures and explaining security risks/gaps as well as mitigation strategies is highly desirable
  • Professional certifications related to security assessment, such as CISA, CRISC, PCI ISA, ISO/IEC 27001 Lead Auditor, etc.
  • The coordinator must have strong interpersonal communication skills, as well as organizational skills. Project management experience is also desirable.
  • Fluent in English, both spoken and written.
  • Strong working knowledge of IT service management (e.g., ITIL-related disciplines)
  • Ability to communicate Security Requirements for areas including but not limited to: Cloud Computing, Application Development, IAM, Cryptography, and Infrastructure design and standards to a diverse audience.
  • Ability to present the process to all levels of audience, be comfortable answering questions around the process, gather and document feedback from these presentations and bring that back to the Security Architect for future enhancements.
  • Experience in creating presentations in PowerPoint, and comfort in presenting to C level executives.
Job Responsibility
Job Responsibility
  • Contributes to, evaluates, and supports the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization’s information assurance, security, and privacy requirements.
  • Consults with customers to gather and evaluate functional requirements and provides these to the Security Architect team.
  • Provides sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain
  • Works with the Security Architect Analysts to monitor ongoing project activities, intake of new projects and monitoring of the Security Engagement Process to meet team objectives for performance.
  • Develops specific goals and plans to prioritize, organize, and accomplish work.
  • Champions leaders’ vision for product and service delivery.
  • Makes and executes the necessary decisions to keep moving forward toward achievement of goals.
  • Provides direction and assistance to other teams regarding projects.
  • Determines priorities, schedules, plans and necessary resources to promote completion of any projects on schedule.
  • Analyzes information and evaluates results to choose the best solution and solve problems.
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy