Information Security Senior Analyst

About The Position

Requirements

• 3+ years of experience in Information Technology, Cybersecurity, brand protection, or fraud prevention.
• Demonstrated experience with the tools and resources available to conduct email and threat analysis.
• Strong technical and analytical expertise.
• Cross-functional understanding of email operations, security practices, and user experience.
• Familiarity with OSINT (Open Source Intelligence) techniques.
• Demonstrated ability to use approved AI/LLM tools responsibly, including prompt development, critical output validation, and documentation of analyst review in alignment with acceptable-use and governance requirements.
• Excellent written and verbal communication and presentation skills.
• Strong analytical, investigative, and problem-solving skills.
• Ability to organize and prioritize multiple ongoing tasks via efficient time management.
• Ability to work independently as well as in a team to achieve desired results.
• Developed communication and diplomacy skills to guide and influence decision-makers.

Nice To Haves

• Project management skills are a plus.
• A degree in Cybersecurity, IT, or a related field is a plus.
• Cyber Certifications are desired, though optional (e.g., CISSP, GSEC, CISA, Security+).

Responsibilities

• Actively monitor and research cyber threats, including phishing, that have a direct or indirect impact or threat on Citi, its workforce, or the Citi brand.
• Monitor a wide range of digital channels, including e-commerce platforms, social media, and app stores, for brand abuse.
• Develop and manage processes to track identified incidents to resolution.
• Initiate and manage takedown requests on various platforms for phishing sites and brand impersonation cases.
• Analyze email threats and manage associated controls.
• Identify automation opportunities for repetitive triage, enrichment, and documentation tasks.
• Use approved AI/LLM tools to assist with alert summarization, IOC extraction, and case narrative drafting while critically validating all outputs for accuracy, bias, and trustworthiness prior to operational use.
• Develop and manage weekly, monthly, quarterly, and annual metrics and reports on brand protection activities, trends.
• Triage information received from vendors and process it through defined internal workflows.
• Actively engage in liaison activities with internal stakeholders, intelligence communities, industry associations, and peer institutions.
• Keep up to date with the ever-changing cybersecurity landscape to remain relevant and knowledgeable.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients, and assets.

Benefits

• medical, dental & vision coverage
• 401(k)
• life, accident, and disability insurance
• wellness programs
• paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays.