Security Operation Center - Incident Response Engineer (SVP)
Citigroup IncIrving, TX, United States1 day ago
Job type
- Full-time
Job descriptionLead and / or support in-depth triage and investigations of BAU, and urgent cyber incidents in traditional, and hybrid environments. Perform hands-on incident response functions including but not limited to host-based analytical functions (e.g. digital forensics, metadata, malware analysis, etc.) through investigating Windows, Unix based, appliances, and Mac OS X systems to uncover Indicators of Compromise (IOCs) and / or Tactics, Techniques and Procedures (TTPs). Participate in incident response efforts using forensic and other custom tools to identify any sources of compromise and / or malicious activities taking place. Serve as the SOC incident response regional contact in major cyber events and security incidents. This will include collaborating with global multidisciplinary groups to triage and define scope, as well as documenting and presenting investigative findings. Provide security expertise to the SOC IR team, leveraging industry standards as appropriate. Train and coach junior colleagues on relevant best practices. Partner with SOC Incident Response management on all program governance activities, including the development and / or maintenance of standards, procedures, metrics, reporting and training. Collaborate with other incident response functions such as Citi Security Investigative Services (CSIS) and Security Incident Management (SIM). Oversee and participate in the hands-on execution of SOC IR processes. Identify and measure critical metrics and continually improve the efficiency and effectiveness of all core services in scope. Provide appropriate updates to management regarding security event handling, trends, analysis, incident response resolutions and lessons learned. Participate in readiness exercises such as purple team, tabletops, etc. Stay current with the evolving landscape of threat activities and cybersecurity best practices. Quickly synthesize information from disparate sources. Scrutinize evidence thoroughly to identify relationships and develop leads. Establish defensible working theories to explain observations and findings. Perform investigations in a forensically sound manner.
Security Operation Center - Incident Response Engineer (SVP)
Citi's Security Operations Center (SOC) Incident Response Team seeks a highly skilled and experienced incident response hands-on practitioner to support and execute critical efforts aimed at protecting Citi infrastructure, assets, clients, and stakeholders. This is a demanding role with global exposure and responsibility. You will serve both as a technical subject matter expert and as an ambassador for the incident response team. You will be assigned to Citi's SOC and will collaborate closely with a talented cadre of security specialists and incident responders to triage and contain security events. Your observations and recommendations will impact security decisions across the organization and play an important part in maturing Citi's security posture.
This position requires strong leadership, active in-depth hands-on technical expertise, and prior experience in global cyber incident response operations within a SOC. As a Senior Vice President, you will assist a group of incident response professionals who triage and investigate cybersecurity incidents in cloud, traditional (i.e. on-premises), and hybrid environments. This position will be technically challenging and rewarding, but will also provide ample opportunity to establish partnerships, mentor colleagues and shape team culture.
The ideal candidate will be a technically experienced hands-on individual contributor and innovative security professional who has the ability and experience to lead a team of security professionals and execute broad security goals within a global team. Candidates should be experienced in coaching junior team members.
Requirements :
- Bachelor's and master's degree in a technically rigorous domain such as Computer Science, Information Security / Technology, Engineering, Digital Forensics, etc.
- 10+ years of professional experience in cybersecurity and / or information security or demonstrated equivalent capability.
- 8+ years hands-on working in cyber incident response and investigations in medium to large organizations with cloud and forensics components.
- Incident response and hands-on technical experience in a global financial institution.
- Experience with performing and managing tasks of 24x7 Incident Response services.
- Experience with creation, leading the development, implementation, and management of incident response plans and response activities.
- Proven leadership, communication, issue resolution and performance management skills.
- Lead by example.
- Enable team success by being approachable and available.
- Innovate and inspire others.
- Embrace challenges and approach any failures as opportunities for learning and improvement.
Responsibilities :
A skilled and creative incident responder. Success will depend on your ability to :
Create a job alert for this search
Security Engineer • Irving, TX, United States
Related jobs)
Our team members are at the heart of everything we do.At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on ...Show moreLast updated: 5 days ago
We are the leader in human-centric cybersecurity.Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations.
We’re driven by a mission to stay ahead...Show moreLast updated: 1 day ago
Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis,...Show moreLast updated: 30+ days ago
Principal Security Engineer - IAM.Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communities, and A...Show moreLast updated: 7 days ago
Experian is a global data and technology company, powering opportunities for people and businesses around the world.We help to redefine lending practices, uncover and prevent fraud, simplify health...Show moreLast updated: 1 day ago Sr Security Engineer, Detection Engineering.Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communit...Show moreLast updated: 4 days ago 
BNSF the preeminent freight and mobility company in north america.Come make a difference with us!.The US base salary range for this full-time position is provided below : .
The range represents the am...Show moreLast updated: 30+ days ago
Pilot CBP Air Interdiction Agent.Considering making an application for this job Check all the details in this job description, and then click on Apply.
Air and Marine Operations (AMO), a component o...Show moreLast updated: 30+ days ago
Cybersecurity Incident Response (Detection Engineer).Cybersecurity Incident Response (Detection Engineer).Global Security Operations Center (SOC), responsible for 24 / 7 monitoring, detection, invest...Show moreLast updated: 7 hours ago Customs and Border Protection (CBP) offers those interested in a career in law enforcement an exceptional opportunity to work with an elite team of highly trained professionals whose camaraderie, p...Show moreLast updated: 30+ days ago Our team members are at the heart of everything we do.At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on ...Show moreLast updated: 21 days ago 
Contract to Hire • • Work Location - Dallas or Miramar or open to remote Skills • 2 or more years of experience managing an EDR in an Enterprise environment • 2 or more years of cloud-based infrastru...Show moreLast updated: 30+ days ago
Work Schedule - 8am-5pm (HYBRID May be 1- 2 day a week in office).Anticipated Start Date - ASAP 2nd week of August.Anticipated length of assignment - 1 year.
As a Cyber Security Operations Engineer ...Show moreLast updated: 1 day ago
The Senior Release Manager is a strategic partner within the technology organization, reporting to SVP of Global Engineering.
This role works closely with engineering, product and enterprise project...Show moreLast updated: 29 days ago BNSF the preeminent freight and mobility company in north america.Come make a difference with us!.The US base salary range for this full-time position is provided below : .
The range represents the am...Show moreLast updated: 30+ days ago Customs and Border Protection (CBP) offers those interested in a career in law enforcement an exceptional opportunity to work with an elite team of highly trained professionals whose camaraderie, p...Show moreLast updated: 30+ days ago 
Your seniority as a security engineer puts you in the ranks of the top talent in your field.Play a critical role at one of the world's most iconic financial institutions where security is vital.As ...Show moreLast updated: 30+ days ago
Hiring near our Irving, TX Center of Excellence with a flexible environment.Join a world-class team of skilled engineers who build creative digital solutions to support our colleagues and clients.W...Show moreLast updated: 30+ days ago
- Promoted
Engineer II - OT Security Engineer
AmerisourceBergen Corporation (Cencora)Richardson, TX, United StatesFull-time
- Promoted
Security Solutions Engineer II
ProofpointDallas, TX, United StatesFull-time
Security Operations and Incident Response Manager
Hyundai Capital AmericaUSA, Texas, PlanoFull-time
- Promoted
Principal Security Engineer - IAM
Lennar HomesIrving, TX, USFull-time
- Promoted
Director of Cyber Defense Security Operations (Remote)
ExperianAllen, TX, United StatesRemote
Full-time
- Promoted
Sr Security Engineer, Detection Engineering
Lennar HomesIrving, TX, USFull-time
- Promoted
Sr / Staff Cybersecurity Engineer (Remote - US)
BNSF RailwayFort Worth, TX, United StatesRemote
Full-time
- Promoted
Air Interdiction Agent
U.S. Customs and Border ProtectionRhome, Texas, USFull-time +1
- Promoted
- New!
Sr. Cybersecurity Incident Response (Detection Engineer)
Blue YonderCoppell, TX, United StatesFull-time
- Promoted
Border Patrol Agent
U.S. Customs and Border ProtectionBardwell, Texas, USPermanent
- Promoted
Principal Engineer - Cyber Incident Response
AmerisourceBergen Corporation (Cencora)Frisco, TX, United StatesFull-time
- Promoted
Senior Engineer, Information Security Operations
Guru SchoolsDallas, TX, United StatesFull-time
- Promoted
Cyber Security Operations Engineer II
Veterans SourcingCarrollton, TX, United StatesFull-time
- Promoted
Senior Release Manager
Pluralsight, LLCWestlake, TX, United StatesFull-time
- Promoted
Cybersecurity Engineer I / II (Remote - US)
BNSF RailwayFort Worth, TX, United StatesRemote
Full-time
- Promoted
United States Border Patrol Agent
U.S. Customs and Border ProtectionBardwell, Texas, USPermanent
- Promoted
Security Engineer II
JPMorgan Chase Bank, N.A.Plano, TX, United StatesFull-time
- Promoted
Lead Security Engineer - Purple Team (Dallas Ft Worth Metro)
GartnerIrving, TX, United StatesFull-time