x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Browse Jobs
Companies
Campus Hiring
News
Download App
Employers
View All Jobs
Jobs in Singapore
Jobs in Singapore   »   Jobs in Singapore   »   24774163 VP - SOC Incident Responder
banner picture 1 banner picture 2 banner picture 3

24774163 VP - SOC Incident Responder

Citibank N.a.

Job Type   /   Job Level
Full-time   /   Others/Any
Job Location
Singapore, Singapore, Singapore
Salary Offered

Whether you’re at the start of your career or looking to discover your next adventure, your story begins here. At Citi, you’ll have the opportunity to expand your skills and make a difference at one of the world’s most global banks. We’re fully committed to supporting your growth and development from the start with extensive on-the-job training and exposure to senior leaders, as well as more traditional learning. You’ll also have the chance to give back and make a positive impact where we live and work through volunteerism.

Shape your Career with Citi

Citibank serves as a trusted advisor to our retail, mortgage, small business and wealth management clients at every stage of their financial journey. Through Citi's Access Account, Basic Banking, Citi Priority, Citigold and Citigold Private Client, we offer an array of products, services and digital capabilities to clients across the full spectrum of consumer banking needs worldwide.

We’re currently looking for a high caliber professional to join our team as SOC Incident Responder - VP based in Singapore. Being part of our team means that we’ll provide you with the resources to meet your unique needs, empower you to make healthy decision and manage your financial well-being to help plan for your future. For instance:

Job Description

Security Operations Center (SOC) Incident Response Team seeks a highly skilled and experienced incident response practitioner to support critical efforts aimed at protecting Citi infrastructure, assets, clients and stakeholders. This is a demanding role with global exposure and responsibility. You will serve both as a technical subject matter expert and as an ambassador for the incident response team. You will be assigned to Citi's SOC and will collaborate closely with a talented cadre of security specialists and incident responders to react urgently to security events. Your observations and recommendations will impact security decisions across the organization and play an important part in maturing Citi's security posture.

As an individual contributor, you will be a hands-on first responder who triages and investigates cybersecurity incidents in cloud, traditional (i.e. on-premises), and hybrid environments. This position will be technically challenging and rewarding, but will also provide ample opportunity to establish partnerships, mentor colleagues and shape team culture. One guarantee is that no two days will be the same.


Responsibilities

Related activities include but are not limited to:

  • Lead and/or support in-depth triage and investigations of urgent cyber incidents in cloud, traditional, and hybrid environments.
  • Perform incident response functions including but not limited to host-based analytical functions (e.g. digital forensics, metadata, malware analysis, etc.) through investigating Windows, Unix based, appliances, and Mac OS X systems to uncover Indicators of Compromise (IOCs) and/or Tactics, Techniques and Procedures (TTPs).
  • Create and track metrics based on the MITRE ATT&CK Framework and other standard security-focused models.
  • Work with application and infrastructure stakeholders to identify key components and information sources such as environments (on-premises versus cloud), servers, workstations, middleware, applications, databases, logs, etc.
  • Participate in incident response efforts using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.
  • Collaborate with global multidisciplinary groups for triaging and defining the scope of large scale incidents.
  • Document and present investigative findings for high profile events and other incidents of interest.
  • Participate in readiness exercises such as purple team, table tops, etc.
  • Train junior colleagues on relevant best practices.

Qualifications

You should be all of the following:

A skilled and creative incident responder. Success will depend on your ability to:

  • Stay current with the evolving landscape of threat activities and cybersecurity best practices.
  • Quickly synthesize information from disparate sources.
  • Scrutinize evidence thoroughly to identify relationships and develop leads.
  • Establish defensible working theories to explain observations and findings.
  • Perform investigations in a forensically sound manner.

A goal oriented individual contributor. Success will depend on your ability to:

  • Stay motivated and work independently with minimal oversight.
  • Adapt to changing requirements in a fast paced environment.
  • Multitask and meet deadlines despite competing priorities.
  • Navigate operational impediments in order to complete time sensitive tasks.
  • Identify and document any opportunities for process improvement.

A reliable team player. Success will depend on your ability to:

  • Practice mutual respect at all times.
  • Establish trust and build strong partnerships.
  • Resolve conflict in a constructive manner and use as an opportunity to develop team unity.
  • Prioritize collective success ahead of individual ambition.

A great communicator. Success will depend on your ability to:

  • Establish clear narratives to describe investigative findings and working theories.
  • Clearly and concisely articulate any recommendations that arise from investigative activities.
  • Motivate colleagues and partners to cooperate and support as needed.
  • Exert influence both verbally and in writing.

A passionate leader. Success will depend on your ability to:

  • Lead by example.
  • Enable team success by being approachable and available.
  • Innovate and inspire self and others.
  • Embrace challenges and approach any failures as opportunities for learning and improvement.

Minimum Requirements

Education, knowledge, and Experience:

  • Bachelor's degree in a technically rigorous domain such as Computer Science, Information Security, Engineering, Digital Forensics, etc.
  • 5+ years of professional experience in cybersecurity and/or information security, or demonstrated equivalent capability.
  • 2+ years hands-on working in cyber incident response and investigations in medium to large organizations with cloud and forensics components.

Experience in Cloud Forensics/IR

  • Hands-on Dev/Sec/Ops experience with cloud environments and underlying storage, compute and monitoring services
  • Prior experience with cloud common services
  • Hands-on experience with forensic investigations or large scale incident response in cloud environments.
  • Hands-on experience with containerization methods and tools (e.g. Docker, Kubernetes) including incident response and digital forensics.
  • Certifications (e.g. GIAC, AWS, etc) in cloud or demonstrated equivalent capability.

Experience in Incident Response

  • Hands-on experience with analyzing and pivoting through large data sets
  • Current hands-on experience in digital forensics (e.g. computer, network, mobile device forensics, and forensic data analysis, etc.).
  • Activities include but not limited to:

o In-depth experience with Registry, event, and other log file and artifact analysis.

o In-depth experience with timeline analysis.

o In-depth File system knowledge and analysis.

o Familiarity with malware analysis and Reverse Engineering of samples (e.g. static, dynamic, de-obfuscation, unpacking)

o Evidence preservation, following industry best practices.

o Memory collection and analysis from various platforms

  • Hands-on experience with a DFIR toolset and related scripting
  • Current expertise with an EDR system
  • One or more GIAC (e.g. GCFE, GCFA, GREM, GCIH,GASF, GNFA, etc.) or other digital forensic and/or incident response certifications.

Experience in the following operating systems:

  • Windows Operating Systems / UNIX / Mac OS X, specifically in system administration, command line use, and file system knowledge.

Experience in Basic Scripting and Automation

  • Proficient in basic scripting and automation of tasks (e.g. C/C++, Powershell, JavaScript, Python, bash, etc.).

Network Concepts and Understanding

  • Working knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection/prevention systems, encryption, load balancing, and other network protocols.

Other

  • Working knowledge of relational database systems and concepts (SQL Server, PostgreSQL, etc.)
  • Working knowledge of virtualization products (e.g. VMware Workstation)
  • Must have flexibility to work outside of normal business hours when necessary.
  • Exceptional candidates from non-traditional backgrounds or who otherwise do not meet all of these criteria may be considered for the role provided they demonstrate sufficient skill and experience

How You’ll Succeed

Be conscientious and consistent in identifying security vulnerabilities and working with the respective engineering teams and stakeholders to provide sound guidance and remediations. Be a team player, and a keen learner.

Working at Citi is far more than just a job. A career with us means joining a family of more than 230,000 dedicated people from around the globe. At Citi, you’ll have the opportunity to grow your career, give back to your community and make a real impact.

Take the next step in your career, apply for this role at Citi today

https://jobs.citi.com/dei

Sharing is Caring

Know others who would be interested in this job?
Similar Jobs
Logistics Officer / Shipping Officer (Up $2700 / 0 - 2 years experience / East / 5 Days) NATL
Mci Career Services Pte. Ltd.
Quick Apply
Fleet Personnel Assistant Manager
Onesea Solutions Pte. Ltd.
Quick Apply
Senior Associate
Quantuma (singapore) Pte. Limited
Quick Apply
Associate
Quantuma (singapore) Pte. Limited
Quick Apply
COLDROOM STOREKEEPER
Ismy Pte. Ltd.
Quick Apply
Office Coordinator
MMR Research Worldwide LTD
Quick Apply
Content Creator (Photography/Videography)
Two Sleepy Heads Creative Studio
Quick Apply
Freelance Music Composer
Twine
Quick Apply
Accounts Payable, 6 months contract (0094 July 2024)
Royal Ocean Marine
Quick Apply
Senior Manager, Commercial, APAC
NielsenIQ
Quick Apply
© 2024 Jobstore. All rights reserved.