Senior Cyber Threat Analyst – NCFTA – VP – NYC, NY



About Citi

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.

Citi’s Mission and Value Propositionexplains what we do and Citi Leadership Standardsexplain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients’ and the public’s trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.

Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.

The Citi Cyber Intelligence Center (CIC) is part of the Global Information Security organization and is responsible for analyzing cyber threat information designed to increase Citi’s cyber threat awareness and protection levels. By providing awareness, indications, warnings, and operational readiness, the CIC protects the Citi brand, global business operations, technology infrastructure and client trust against cyber threats worldwide. In support to this mission, the CIC Threat Intelligence Team is responsible for providing various cyber threat alerts, reports, briefings and other products and services for Citi stakeholders. This position is embedded within the National Cyber-Forensics & Training Alliance (NCFTA) office in New York, New York. C-13 grade/level staff members are responsible for various cyber threat analysis and reporting tasks to be performed on a daily basis.

Primary Tasks:

  • Perform cyber threat analysis and reporting from both internal and external sources.
  • Attend NCFTA-hosted meetings and calls representing Citi’s interests.
  • Analyze cyber threat data and correlate with existing understanding of cyber threats impacting the Citi franchise.
  • Conduct research and write papers based on the identification of trends, up-an-coming threats, and tailor products to intended customers.
  • Actively monitor and research cyber threats with a direct or indirect impact to the Citi brand, region business operations, technology infrastructure and client trust.
  • Interact daily with the Citi CIC and Cyber Security Fusion Center staff members globally.
  • Leverage the CIC gap request process to request additional information from third party intelligence service providers.
  • Provide cyber threat analysis to support CIC Intelligence Product development and research.
  • Triage, process, analyze, and disseminate CIC alerts, reports, IIRs and briefings.
  • Should possess a basic understanding of the cyber threat Kill Chain methodology to ascertain the impact of an attack and develop threat trends to assist the mitigation work centers and personnel in developing mitigation techniques and countermeasures which can prevent or lessen the effects of future cyber attacks.
  • Participate in conference calls with third party intelligence providers to review cyber threat deliverables, intelligence gap support requests, guide analytic discussions and nominate topics to be covered during the calls.
  • Develop and further relationships with personnel at other financial institutions, government agencies and other appropriate organizations.



Bachelor’s degree or equivalent work experience.

  • 5+ years working in a cyber threat intelligence job function.
  • 2+ years working in a cyber fraud analysis related function.
  • Experience working in an operational environment preferred.
  • Should be familiar with a variety of structured analytic techniques to generate and test a hypothesis, assess cause and effect, challenge analysis, and support decision making. Examples of these techniques include, but are not limited to:
    • Structured Brainstorming
    • Key Assumption Check
    • Analysis of Competing Hypotheses
    • Alternative Analysis
    • Strengths-Weaknesses-Opportunities-Threats (SWOT) Analysis
    • Kill Chain Methodology
  • Should have a working knowledge in one or more of the following areas:
    • Advanced Persistent Threat
    • Third Party Risks/Threats
    • Cyber crime
    • Extremist Groups and Cyber Terrorists
    • Hacktivism
    • Distributed Denial of Service attacks
    • Fraud
    • Malware
    • Mobile Threats
    • Emerging Threats
    • Social Engineering
    • Insider Threats
  • Must be a self-starter, self-motivated and able to work independently with little oversight in a fast-paced task force environment.
  • Ability to effectively communicate with all levels of senior management.
  • Strong written and verbal communication and presentation skills.
  • Ability to work within cross-functional and cross-business teams.
  • Strong analytical skills.
  • This position will report to the Cyber Intelligence Center (CIC) North America (NAM) Team Chief.
  • The CIC NAM Team Chief reports to the CIC Intelligence Analysis Manager.
  • The CIC Intelligence Analysis Manager reports to the CIC Director.
  • The CIC Director reports to the Global Head of Cyber Security.


Leave a Reply