• Competitive
  • Singapore, Singapore
  • Permanent contract, Full-time
  • Citibank NA
  • 2018-09-23

Cyber Security Advanced Adversary Team Member Intelligence Senior Analyst

  • Primary Location: Singapore, Singapore, Singapore
  • Education: Bachelor's Degree
  • Job Function: Technology
  • Schedule: Full-time
  • Shift: Day Job
  • Employee Status: Regular
  • Travel Time: Yes, 10 % of the Time
  • Job ID: 18038208


  • Perform cyber threat analysis, alerting, and reporting based on intelligence and information gathered from both internal and external sources
  • Conduct research using multiple data sources, perform analysis and disseminate findings to senior Citi leaders
  • Provide understanding of Advanced Persistent Threat (APT) actors, their motivations, skillsets, toolsets and intent
  • Operate under the mode of thinking that a network is always in a state of compromise in order to detect persistent activity that is not otherwise detected by existing process, procedure and technology
  • Be part of a team that can perform deep inspection of both current and previous environmental indicators for indications of persistent attacker presence
  • Hunt down and respond to targeted threats and intrusions
  • Leverage Big Data to conduct research and analysis
  • Find or develop new threat intelligence and detection, and suggest hardening strategies
  • Drive changes needed to respond to emerging threats
  • Collaborate with leadership to improve internal investigation capabilities for responding to security events through tool building and training
  • Identify incidents of significance through fusion of current and historic threat data; determine impact, urgency and audience to whom prevention, detection, mitigation and remediation guidance
  • Oversee the preparation of written reports and give presentations to internal and external customers
  • Apply expertise to ascertain the impact of an attack and develop threat trends to develop mitigation techniques and countermeasures that can prevent future attacks
  • Enumerate adversary's tradecraft to address asymmetrical capabilities and enhance Citi's cyber tradecraft
  • Liaise with external partners to build greater situational awareness for the Cyber Security Fusion Center and its partners


3-5 years of related experience in the following areas:
  • Forensic analysis, threat intelligence, adversary hunting, anomaly detection and analysis, and the discovery of previously undiscovered cyber threats or attacks
  • Strong knowledge in network protocols and operating system structures and hierarchy (Windows and Linux)
  • Targeted attack techniques, tactics, and procedures
  • Analyzing DNS, network, honeypot, IDS/IPS, logs, forensic and other common industry hunting tools and feeds
  • IT and InfoSec background including cryptography and network/systems/physical security
  • Scripting (Python, PowerShell, Bash, etc.)
  • Malware reverse engineering
  • Network-based and system-level attacks and mitigation methods
  • Disk/network/memory forensic tools, log analysis, and developing custom scripts/functionality
  • Forensics reports and investigation summaries to include the reporting of the why, what, how, and when of a cyber-attack
  • Analyze and triage malware using static/dynamic techniques, including investigations of botnet and rootkit behavior
  • Well rounded and interested in current global geopolitical topics and understanding the cyber threat nexus
  • Strong writing and verbal communication skills
  • Ability to perform "Intel-Led" hunt activity, which includes understanding a threat actor's motivations, tactics, techniques and procedures and being able to formulate a hypothesis and hunt methodology based on those attributes
  • 3+ years performing information security incident response