Job Summary:
Research and analyze cyberthreat and geopolitical intelligence issues of interest to Citi leaders and cybersecurity stakeholders to disseminate findings in written and oral form.
Job Description:
Citi’s Cyber Intelligence Center is seeking a senior cyberthreat analyst to serve as an individual contributor on the Strategic Intelligence Team. This position’s primary duties involve conducting research and performing analysis to produce intelligence products in written and oral form for Citi cybersecurity stakeholders. This role must coordinate and collaborate with cross-functional cyber intelligence and fusion center teams and engage with other business elements, partners, or clients, as necessary. The ideal candidate will possess in-depth knowledge of cyberthreat principles, understand how geopolitical events shape the cyberthreat landscape, strong critical thinking and interpersonal skills, the capability to lead projects independently, and strong proficiency in briefing senior leaders and external partners.
Primary Duties:
- Conduct research on existing and emerging cyberthreat issues that may impact Citi, including clients, customers, suppliers, and the Financial Sector
- Analyze cyberthreat information to form analytic assessments that are substantiated with evidence and supported by level of confidence
- Contextualize geopolitical, technical, regulatory, and legislative issues that could impact the cyberthreat landscape across one or multiple countries or regions
- Draw high-quality and objective conclusions that assess impact with a nexus to Citi
- Conduct trend-over time analysis of cyberthreat activity, identifying patterns, changes in threat vectors and levels, and potential impact to Citi, her clients, and suppliers.
- Maintain subject matter expertise on assigned area(s) of responsibility, including understanding threat actor TTPs and motivations, assessing attribution, and identifying patterns, commonalities, and linkages between multiple actors
- Evaluate underlying sources and methods to assess the veracity of information informing assessments and confidence in reporting
- Produce clearly written, properly sourced, and grammatically correct intelligence products that adhere to established style guide and template standards and clearly articulate and support all analytic conclusions
- Conduct briefings to internal partners, senior management, and external partners and clients, conveying technical matters in a digestible manner to non-technical audiences when needed
Preferred Qualifications:
- Analytic experience in covering China geopolitical and cyber activity, with an emphasis on targeting Financial Institutions
- Good technical comprehension with ability to apply technical knowledge to strategic reporting and appropriately customize technical details to intended audiences
- Solid understanding on key drivers to cyberthreat activity, such as the role geopolitics, regulatory environments, and emerging technology play on the cyberthreat landscape
- Demonstrated use of analytic tools or cyber intelligence principles, such as Structured Analytic Techniques, OSINT tools, indicator pivoting, or cyberthreat frameworks, such as Mitre ATT&CK or Cyber Kill Chain
- Working level knowledge of Mandarin
- Ability to translate technical matters to non-technical customers
- Strong briefing skills
Job Skills/Qualifications:
- Bachelor’s degree required; a plus if education includes competency in an analytic or technical discipline
- 7+ years’ experience working in an intelligence analysis job function; geopolitical and cyberthreat subject matter expertise preferred
- Advanced intelligence analysis experience and skills
- Excellent written and verbal communication and presentation skills
- Ability to effectively communicate with all levels of senior management
- Familiarity with open-source intelligence research and methodologies