The Intelligence Lead Analyst is a senior level professional responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

• Analyze regional threat data and determine a correlation if any, to existing intelligence requirements
• Monitor and research cyber threats with a direct or indirect impact to the Citi brand
• Research and identify malicious activity by performing post-mortem analysis on logs, traffic flows, and other activities
• Conduct intrusion analyses to ascertain the impact of an attack, and develop mitigation techniques for future attacks
• Evaluate networks and programs to assess potential weaknesses and points of entry
• Analyze and present to senior leadership discovered patterns to forecast future cyber-attacks and their potential impact
• Liaise with intelligence communities, law enforcement, industry partners, peer financial institutions, and information sharing communities
• Triage, process, analyze, and disseminate intelligence alerts, reports, and briefings
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

• 6-10 years of relevant experience
• Should have a working knowledge in one or more of the following areas: Advanced Persistent Threat, Third Party Risks/Threats, Cybercrime, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service attacks, Fraud, Malware, Mobile Threats
• Consistently demonstrates clear and concise written and verbal communication
• Proven influencing and relationship management skills
• Proven analytical skills

Education:

• Bachelor’s degree/University degree or equivalent experience
• Master’s degree preferred

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Job Description

Job Summary

The Citi Security and Investigative Services (CSIS) Security Intelligence Analyst is responsible for coordinating, refining, and executing strategic security intelligence analysis and production in a fast-paced and dynamic environment. This position coordinates implemented processes and tasks pertaining to the analysis and production of security assessments and specialized products in consultation with leadership and key partners. Based in Mexico City, Mexico this position will report to xxxxx.

Business description (group overview)

Citi Security and Investigative Services (CSIS) is a full-service security and investigative team that protects the assets, integrity, and reputation of the company and its clients. We accomplish this by offering in-house professional security services and independent investigations to clients across all of businesses, and partnerships with other business groups, law enforcement agencies, governments and industry counterparts.

Job Purpose

The Global Intelligence & Analysis (GIA) program within CSIS combines a specialized global intelligence research and analytical resources, in support of threat (fraud, security, and cyber) and business intelligence. The Security Intelligence Analyst position is responsible for coordinating, refining, and executing tactical and strategic security intelligence analysis and production in a fast-paced and dynamic environment. This position coordinates implemented processes and tasks pertaining to the analysis and production of CSIS and business stakeholder requested security assessments and specialized products in consultation with leadership and key partners. The analyst will conduct strategic and operational analysis of security threats and geopolitical risks faced by the company and its businesses, including geo-political and regional conflicts, political and social unrest, organized crime, terrorism, non-state actors, rule of law and economic stability. The analysis will be based on internal and external data/reporting and further developed in collaboration with leadership and key partners. The analyst will act as a project manager for key strategic projects and partner with other staff to support related products, collection management, and analysis. The position requires the ability to turn difficult and evolving threat activities into business questions and structured analytical solutions, which drives changes, mitigation strategies, impacts risk management processes and informs senior decision makers. Additionally, the position will be responsible for seeking improvements in intelligence methodologies used for creating new solutions and analytical models - based on subject matter expertise in identified security threat areas for the company. 

Key Responsibilities/ Day to Day Activities

• Function as GIA analyst on security threat streams and deliver all-source intelligence products and analytical assessments.
• Support GIA efforts to coordinate security threat streams for the CSIS leadership and other stakeholders.
• Gather, analyze, produce, and disseminate intelligence information and products as tasked.
• Produce briefings/presentations and present information to clients, internal stakeholders, or leadership.
• Meet deadlines and maintain consistency with updating schedules for various products and services; proactively seek out new information to include in products.
• Apply theory and methods to collect, organize, analyze, interpret, and summarize reports and information to provide actionable intelligence and situational awareness to decision makers in coordination with the Security Intelligence Program Manager and other GIA staff, as appropriate.
• Maintain partnerships with other units responsible for investigative, intelligence, or security related operations, monitoring, crisis management, and response.
• Conduct review of physical security threats that create risk to the company, its employees, shareholders, assets and clients. 
• Demonstrate ability to identify the problems and product/solution needs of our internal stakeholders.
• Be familiar with conducting forecasting and ‘over the horizon’ threat analysis.
• Lead sub-program, which may include management of people, management of vendors or outside resources, case/project assignments and oversight, approval of final products, and program reporting.
• Train and mentor others, including ongoing professional development.

                                                                                                                                                                                              

Qualifications:

Experience (years, type, nature of work, specialized knowledge and technical skills)

• At least five to eight years previous experience with private sector organization is preferred, including prior experience working as part of a globally and/or regionally dispersed team.
• Analytic experience related to intelligence analysis (private or government), geopolitical risk, cyber threat intelligence analysis, statistical/data analysis, or relevant experience in large and complex environments.
• Ability to conduct effective and combined qualitative and quantitative intelligence analysis to provide impactful findings and holistic understanding of threat issues.          

Qualifications (educational background, licenses, professional knowledge) & Skills (soft skills)

• Minimum of a Bachelor’s degree preferred, post graduate degree welcomed.
• Bilingual in English and Spanish preferred. Portuguese speakers welcomed.
• Expertise in Microsoft Office products – Word, Excel, Outlook, & PowerPoint – and demonstrated creativity in use of these products to solve analytical problems.
• Excellent communication, negotiation, and presentation skills with the ability to communicate effectively through all levels of the organization.
• Self-motivated and independent operator with the ability and maturity to make decisions in the absence of detailed instructions and operate in fast paced and dynamic settings.
• Able to work an occasional flexible schedule as crisis response requires.

------------------------------------------------------

Job Family Group:

Technology

------------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting