
SOC Cloud Analyst

Location: United States, Irving · Employment contract · Salary: 96400.00 - 144600.00 USD / Year · Job Posted June 15, 2026

Job Description

Join Citi's Chief Information Security Office (CISO) as a SOC Cloud Analyst (Info Security Tech Sr Analyst - C12) and play a central role in protecting one of the world's most complex financial institutions from evolving cyber threats. Sitting within a globally integrated security function, you will monitor, detect, and respond to security incidents across major cloud environments (AWS, MS Azure, and Google Cloud) ensuring Citi's data, clients, and operations remain secure. This is an opportunity to make a measurable impact within a team that manages information security as a single, end-to-end program with clear accountability and a mandate aligned to modern security frameworks.

Job Responsibility

  • Monitor security events and alerts across cloud environments — including AWS, MS Azure, and Google Cloud — using dedicated security monitoring tools to detect threats in real time
  • Lead and support investigations into cloud security incidents, coordinating with incident response teams to assess technical risk and drive timely resolution
  • Assess the threat landscape on a regular basis, identifying emerging risks and ensuring controls remain effective as conditions evolve
  • Identify vulnerabilities in cloud systems and infrastructure, working with senior security colleagues to prioritize and address findings
  • Collaborate with system development and infrastructure teams to embed security controls throughout the development lifecycle, including authentication and encryption practices
  • Prepare security reports and documentation to support audits, compliance reviews, and internal governance requirements
  • Develop and maintain technical security procedures and process documentation, ensuring guidance is current, clear, and actionable
  • Mentor and support junior team members, sharing knowledge and contributing to a culture of continuous learning within the security function

Requirements

  • 5+ years of experience in information security, cloud security, or a closely related discipline
  • Hands-on experience monitoring and responding to security events in cloud environments such as AWS, MS Azure, or Google Cloud
  • Ability to communicate security findings and risk assessments clearly and concisely, both in writing and verbally, to technical and non-technical audiences
  • Demonstrated ability to build effective working relationships and influence outcomes across cross-functional teams
  • Strong analytical capability, with the ability to assess complex security scenarios and translate findings into clear, actionable recommendations
  • Bachelor's degree or equivalent professional experience

Nice to have

  • Familiarity with cloud security best practices, frameworks, or certifications (e.g., AWS Security Specialty, Microsoft SC-200, or equivalent)
  • Experience supporting vulnerability assessments or ethical hacking programs within cloud or hybrid environments
  • Exposure to security tooling used in a Security Operations Centre (SOC) context, such as SIEM platforms or cloud-native security services
  • Experience contributing to audit preparation or compliance documentation within a regulated financial services environment

What we offer

  • Medical, dental & vision coverage
  • 401(k)
  • Life, accident, and disability insurance
  • Wellness programs
  • Paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Hybrid working model — 3 days in the office and 2 days working remotely
  • Access to ongoing training and professional development in cloud security and cybersecurity
  • The opportunity to work within a globally integrated security program
  • A culture that values merit, inclusion, and authenticity
  • Meaningful work that directly contributes to the safety of Citi's clients, employees, and data
  • Competitive benefits and financial wellbeing support


Similar Jobs for SOC Cloud Analyst

8 matching positions

Security Operation Center (SOC) Cloud Analyst - Assistant Vice President

The Security Operation Center (SOC) Cloud Analyst is an intermediate level posit...
Location: Singapore, Singapore
Salary: Not provided
Citi
Expiration Date: Until further notice
Requirements
  • 5-8 years of relevant experience
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
  • Monitor security events and alerts from cloud environments (e.g., AWS, Azure, Google Cloud) using security monitoring tools
  • Assist in the detection and investigation of security incidents in the cloud
  • Work with senior security team members to identify vulnerabilities in cloud systems and infrastructure
  • Assist in the preparation of security reports and documentation for audits and compliance
  • Collaborate with internal teams to implement cloud security best practices and mitigate risks
  • Participate in ongoing training and professional development opportunities in cloud security and cybersecurity
  • Fulltime

SOC Analyst II

Piper Companies is hiring an SOC Analyst II to support a client in the technolog...
Location: United States, Raleigh
Salary: 105000.00 - 125000.00 USD / Year
Piper Companies
Expiration Date: Until further notice
Requirements
  • Active Secret Clearance
  • Experience as a Tier 2 SOC Analyst supporting incident detection and response
  • Hands-on expertise with Splunk SIEM, AWS environments, and cloud security operations
  • Familiarity with modern security frameworks, threat detection, and investigative methodologies
Job Responsibility
  • Monitor and triage security alerts across SIEM (Splunk), EDR (Defender, Trend Micro), cloud platforms (Wiz, AWS Security Hub, GuardDuty), DLP, and network tools
  • Perform Tier 2 incident investigations, analyzing events to determine impact and required response
  • Support post-incident reviews and enhance detection rules, playbooks, and response processes
  • Contribute to SOC metrics, reporting, and overall operational effectiveness
What we offer
  • Health
  • Vision
  • Dental
  • PTO
  • Paid Holiday
  • Sick Leave if Required by Law
  • Fulltime

SOC Analyst

Location: United Kingdom, Cambridge
Salary: Not provided
Roku
Expiration Date: Until further notice
Requirements
  • Strong understanding of SIEM, EDR, cloud security services (e.g., AWS GuardDuty), and various security technologies
  • Experience in automation and development of automated playbooks and associated processes in security orchestration, automation and response (SOAR) environments
  • Experience in the creation of incident response plans and leading incident response efforts and post incident reporting when required
  • Threat intelligence, knowledge of tactics, techniques, and procedures (TTPs) utilised by threat actors and how to generate and deploy mitigation strategies
  • Vulnerability management, monitoring, reporting and engagement with necessary stakeholders to ensure timely remediation
  • Can demonstrate strong understanding of network security principles and encryption technologies
  • Experience of security change management processes and procedures
  • Demonstrate experience of risk assessment and advisory capabilities on both internal systems and products/solutions from third party vendors (SaaS, AI etc)
  • Experience in contributing to the development, implementation and management of security policies and procedures
  • Strong knowledge of security frameworks and industry best practices – such as ISO 27001, NIST, PCI-DSS and others
Job Responsibility
  • Supporting the design and implementation of information security systems and frameworks including threat prevention, detection and mitigation tools
  • Manage, maintain and optimize security information and event management (SIEM) platforms and associated security infrastructure
  • Detect and respond to information security incidents, investigate security incidents, identify attack vectors, and lead containment/eradication/recovery efforts
  • Create detailed incident reports, lead post-incident reviews, document lessons learned, and contribute to compliance reporting
  • Hunt for undetected threats, tune security tools, refine detection rules, and address false positives
  • Vulnerability management, analysis, oversee the vulnerability management lifecycle and reporting, support prioritization and advise relevant stakeholders on vulnerability status and postures
  • Identify risks in new and existing projects and environments and support the implementation of necessary security controls to meet business needs
  • Support the implementation of security orchestration, automation and response (SOAR) playbooks and procedures in order to improve response times and ensure consistent approach to incidents
  • Provide mentorship and support to more junior analysts, act as escalation point for complex issues
  • Support in testing and evaluation of security products and solutions
What we offer
  • Global access to mental health and financial wellness support and resources
  • healthcare (medical, dental, and vision)
  • life, accident, disability, commuter, and retirement options (401(k)/pension)
  • Fulltime

Cybersecurity SOC Analyst

About the Role Location: Remote EST Position Description: Incident response f...
Location: United States, King of Prussia
Salary: 80000.00 - 85000.00 USD / Year
Beacon Hill
Expiration Date: Until further notice
Requirements
  • 3+ years experience
  • 1+ years of proven cybersecurity troubleshooting experience as a SOC Analyst, with the ability to create detections and alerts in the environment
  • SIEM experience is a must
  • Excellent Problem Solving
  • Critical thinking
  • And any 2 of the following: Email gateway; Microsoft 365; Purview; Cloud – Azure, Purview, M365, AWS, GCP, any Cloud
Job Responsibility
  • Incident response from beginning to end
  • Detection platform, assigned incidents to work beginning to end
  • Threat hunting – using indicators to find in environment
  • On call hours for 7 days on a 24/7 rotation – highly unlikely that you’ll get a call during the week. On the weekends, there are a few tasks to be performed, and you’ll be the point person if anything goes wrong. 5 hours max would cover it (2.5 Saturday and 2.5 Sunday). Roughly one week every 5 weeks.
  • Fulltime

Senior SOC Analyst

In Cyclad we work with top international IT companies in order to boost their po...
Salary: Not provided
Cyclad Sp. z o.o.
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in a SOC or cybersecurity operations role
  • Strong experience with SIEM platforms (e.g., Splunk, IBM QRadar, Microsoft Sentinel)
  • Hands-on experience with EDR/XDR solutions (e.g., CrowdStrike, Microsoft Defender, SentinelOne)
  • Solid understanding of network protocols, system logs, and security event analysis
  • Experience with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK)
  • Proficiency in analyzing logs from Windows, Linux, and cloud environments
  • Familiarity with scripting (e.g., Python, PowerShell) for automation and analysis
  • Strong analytical, problem-solving, and decision-making skills
  • Fluent English, both written and spoken
Job Responsibility
  • Monitor, analyze, and respond to security events and incidents using SIEM and other security tools
  • Lead incident response activities, including investigation, containment, eradication, and recovery
  • Perform advanced threat hunting and detection engineering
  • Develop and tune detection rules and use cases to improve SOC effectiveness
  • Analyze malware, phishing campaigns, and emerging threats
  • Coordinate with IT, engineering, and external stakeholders during security incidents
  • Mentor and support junior SOC analysts
  • Create and maintain incident response playbooks and documentation
  • Participate in on-call rotation and handle escalated security alerts
  • Ensure compliance with internal policies and industry standards
What we offer
  • Private medical care with dental care (covering 70% of costs)
  • Family package option possible
  • Multisport card (also for an accompanying person)
  • Life insurance
  • Work with talented engineers on large-scale, technically challenging projects
  • Fulltime

Senior SOC Analyst

The Senior SOC Analyst will play a crucial role in enhancing security operations...
Location: United Kingdom, Birmingham
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Must be able to obtain SC Clearance or already hold SC clearance
  • SIEM Expertise: Hands-on experience with at least two of the following: Splunk, IBM QRadar, Microsoft Defender for Endpoint, Microsoft Sentinel, Google Chronicle
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
Job Responsibility
  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options

SOC Analyst L3

The primary function of the Tier 3 Analyst is to enhance our security operations...
Location: Belgium, Diegem
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum of 3 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment
  • Hands-on experience with at least two of the following: Splunk, IBM QRadar, Microsoft Defender for Endpoint, Microsoft Sentinel, Google Chronicle
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
Job Responsibility
  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
  • Fulltime

Senior SOC Analyst

Brunswick is in search of a Senior Security Operations Center (SOC) Analyst to j...
Location: United States, Mettawa
Salary: 87800.00 - 128750.00 USD / Year
Herbruck Poultry Ranch
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in cybersecurity, computer science, engineering, or related field
  • Five plus years of experience in SOC monitoring, incident response, or related fields
  • Certifications in Information Security and related disciplines are a plus
  • Demonstrated technical understanding in emerging cybersecurity threats
  • Ability to create detections aligning with the MITRE ATT&CK framework
  • Expertise in SOAR, SIEM, threat intelligence, identity management, and endpoint detection and response tools
  • Strong understanding of threats, vulnerabilities, and incident response principles
  • Excellent judgment and ability to make quick decisions in complex situations
  • Perform tasks independently and work within a fast-paced environment
  • Exceptional written and verbal communication skills across varying levels of the organization
Job Responsibility
  • Serve as a subject matter expert for a team of analysts dedicated to monitoring and responding
  • Respond to and investigate cybersecurity incidents, including those that occur off-hours as part of a scheduled on-call rotation
  • Serve as a mentor and escalation point for junior SOC analysts, assisting with day-to-day SOC requirements
  • Identify strengths and areas for improvement within the team to improve skills and knowledgebase
  • Stay current with cybersecurity threats, AI developments, risks, and vulnerabilities that could impact services
  • Create detections aligned with the MITRE ATT&CK framework and recommend improvements to leadership
  • Refine and maintain playbooks, procedures, and guidelines that align with industry best practices
  • Maintain strong partnerships with security engineering, incident response, and IT teams to improve monitoring, workflow, and response capabilities
  • Document and share information with team members to help improve analytical skills
  • Support monitoring and response metrics, KPIs, and service level objectives for security events and incidents
What we offer
  • annual discretionary bonus
  • medical
  • dental
  • vision
  • paid vacation
  • 401k (up to 4% match)
  • Health Savings Account (with company contribution)
  • well-being program
  • product purchase discounts
  • Fulltime