Head of Cyber Threat Intelligence

About Citi:
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

About Our Team:

The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.

This Sr. Director role will lead the Cyber Threat Intelligence function, which both proactively identifies and reports on external cyber threats to Citi and participates in incident management activities. The function supports operational through executive customers with products ranging from a daily to an annual cadence, and has an industry-standard collections, analysis, dissemination, and engagement make-up. The function is part of a cyber security fusion center and works very closely with those teams.

This is a senior role involving managing managers, and direct communication with executives, and the successful candidate will have experience at this level. Technical and crisis management experience strongly preferred.

The Head of Cyber Threat Intelligencewill leverage threat information to guide the risk management process for enterprise IT security risks while informing key stakeholders on strategic, operational, and tactical threats and likelihood/impacts on an ongoing basis. Build regular reporting mechanisms to keep stakeholders across a wide geographic area as well as a broad range of career-levels up to C-Level/Board of Directors informed on latest trends, techniques, tactics of cyber adversaries and subsequent risks. Manage and grow a best-in-class cyber threat team to aid in proactively identifying security risks in systems/applications/networks using cyber threat intelligence to think like an adversary.

MAJOR DUTIES AND RESPONSIBILITIES 

Oversees a function that identifies, reacts to, and where feasible pre-empts externally occurring threats to Citi’s cyber safety, from tactical response through to policy making.

• Manage the CTI function, including setting strategic direction, and overseeing the management of staff and budgets.

• Represents CTI to executive level forums and processes, and to major clients and other stakeholders as needed.

• Takes an active role in wider fusion center leadership, including supporting other teams as necessary.

• Operates impact metrics to measure the success of the function.

REQUIRED QUALIFICATIONS
Skills/Abilities and Knowledge

• Expert knowledge of the cyber threat landscape (nation state / geopolitical, cybercrime, hacktivism, insider risks, etc.) – able to articulate and incorporate into program understanding of major threat categories, motivations, and intent of adversaries against corporate assets - help organization see threats around the proverbial corner.

• Deep understanding of malware families/evolution, indicators (pyramid of pain), TTPs (tools, tactics/techniques, procedures) used by cyber adversaries and how to apply effectively to help inform key stakeholders of attack chains & exploits while also building threat assessments for organizational cyber adversaries and their probability/intent to attack.

• Expert level knowledge and understanding of technology across various domains

• Proven ability to lead a security function with previous leadership experiences building, guiding, and growing threat intelligence programs, vulnerability management programs, incident response & hunting programs.

• Experience with working inside, and through, security operations/fusion centers, or equivalent.

• Skillfully synthesizes large quantities of complex information under pressure. Distills it to the most critical issues and draws accurate conclusions, taking into account a high degree of uncertainty Experience relaying sensitive information to appropriate parties

• A team player with the ability to enable changes in the business processes and ability to work cooperatively with all groups is essential

• Keeps clients, superiors, peers, and direct reports updated based on their information needs

• Displays a sense of urgency to resolve issues quickly and efficiently

• Experience leading others, providing constructive feedback, and growing a high performing team culture.

• Demonstrated interpersonal skills and ability to work effectively and collaboratively with a wide range of stakeholders

• Skill in organizing resources and establishing priorities

• Ability to work with others to resolve problems, handle requests or situations

• Ability to multi-task and handle on a proactive basis, changing priorities in a fast-paced environment in order to maximize time-management and efficiencies

• Ability to recruit, motivate, develop, and direct people as they work, identifying the best people for the job

• Goals oriented, with proven track record in collaborating with diverse stakeholders and driving results, especially via influence management

• Successful history of working in and leading teams to meet business needs

Education
BA/BS in Information Technology, Computer Science, MIS or related field or equivalent work experience

Related Work Experience

• 10 - 12 years IT work experience 

• 7 - 10 years Leadership experience 

• 5 - 7 years Project management experience

PREFERRED QUALIFICATIONS
Skills/Abilities and Knowledge

• Strong conceptual and technical knowledge for modern IT environments to include server configuration/architecture, cloud, database management/configuration, networking protocols/designs, access management/access controls, coding languages/software development methodologies.

• Expert-level understanding in two or more cybersecurity/information security domains to include but not limited to access management, security operations, threat management/cyber threat intelligence, vulnerability management/vulnerability assessments/ethical hacking/penetration testing/red teaming, security engineering, SDLC, encryption, etc.

• Previous experiences working for or extensively with with law enforcement, government agencies, information sharing centers.

Related Work Experience
15+ years of experience

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Primary Location:

------------------------------------------------------

Primary Location Full Time Salary Range:

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

------------------------------------------------------

Anticipated Posting Close Date:

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting