The cyber defense analyst for Services within the Business, Functions and Technology (BFT) is responsible for maintaining a secure technology ecosystem free from high-risk vulnerabilities and rapidly respond to the changing threat landscape and business demand to mitigate cyber risk for the Services business. **Responsibilities:** + **Vulnerability Operations** + Ensure business and technology remain within appetite for all applicable CSRAs and sustain it with the consistent operating model. + Enhance current VTM and GEM operating model in line with BFT Risk Governance organization with Path-to-appetite and reporting. + Timely escalate to CISO LTs and Businesses and ensure VTM Risk Treatment responses are entered in a timely fashion + Support VO Organization to improve the quality and integrity of VTM/GEM reports + Continue supporting VTM and GEM Uplift Program activities and reduce risk while reducing stakeholders’ pain-points (data/reporting, false positives, processes). + Perform root cause analysis of VA Issues and identification of repeated offenders for high risk vulnerabilities + **Security Incident Response** + Identify areas of repeating SIRT incidents, related trending and work with technology team and ISO contacts in reducing repeat volume instances. + Identify opportunities for improving SIRT workflow efficiencies and developing reporting which better reports on root causes for bringing down repeat instance volumes + Work with SIM and ISO community to facilitate the adherence of SIRT reporting timelines as per defined within SIRT standard, as well as identify deviations and its cause (Project Dixson) + Define and document escalation and response procedures between IR CFSC and Cyber Defense. + Document/update a Cyber Response plan or guideline to complement Business or Country Crisis Management Plans and support Crisis Management Team training. **Qualifications:** + 6-10 years of relevant experience + Understanding of security frameworks, specifically the Cyber Risk Institute (CRI) Profile + Proficient in interpreting and applying policies, standards, and procedures + Extensive knowledge of information security specifically in application security as well as risk assessment methodologies, tools, and industry standards. + Strong analytical, and problem-solving skills + Excellent communication and interpersonal skills + CRISC, CISA, CISM, CISSP preferred + At least intermediate-level proficiency in Microsoft Office tools **Education:** + Bachelor’s degree/University degree or equivalent experience This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required. ------------------------------------------------------ **Job Family Group:** Technology ------------------------------------------------------ **Job Family:** Information Security ------------------------------------------------------ **Time Type:** Full time ------------------------------------------------------ _Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._ _If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review_ _Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm)_ _._ _View Citi’s_ _EEO Policy Statement (https://www.citigroup.com/global/eeo-aa-policy)_ _and the_ _Know Your Rights (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf)_ _poster._ Citi is an equal opportunity and affirmative action employer. Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.