Cyber Threat Hunt Analyst

Citi is seeking a highly motivated and experienced Cyber Threat Hunt Analyst to join our team in Dublin, Ireland. This role is based in the Cyber Intelligence Center (CIC), which is part of the Chief Information Security Officer (CISO) organization. The CIC's primary mission is to provide proactive threat intelligence to protect Citi's global assets and infrastructure. The position is offered as a hybrid role, requiring in-office presence in Dublin).

• Conduct proactive, hypothesis-based threat hunting activities using various techniques and tools to identify malicious activity and potential security breaches.
• Develop and implement threat hunting strategies based on industry best practices, threat intelligence, and organizational risk assessments.
• Analyze network traffic, system logs, and other data sources to detect anomalies, patterns, and indicators of compromise (IOCs).
• Collaborate with other security teams, such as incident response, security engineering, and security operations, to enhance defenses and incident response capabilities.
• Investigate security incidents and breaches to determine scope, impact, and root cause.
• Develop and maintain threat hunting playbooks, procedures, and documentation.
• Stay up to date with the latest threat landscape, attack techniques, and security vulnerabilities.
• Contribute to the development and improvement of security tools and technologies.
• Provide technical expertise and guidance to other security team members.
• Communicate findings and recommendations to stakeholders in a clear and concise manner.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Minimum of 3 years of experience in cyber security, with a focus on threat hunting, incident response, or security analysis.
• Strong understanding of networking protocols, operating systems, and security technologies.
• Proficiency in analyzing network traffic, system logs, and other data sources using security tools such as SIEM, IDS/IPS, and packet capture tools.
• Experience with threat intelligence platforms and threat hunting frameworks.
• Knowledge of common attack techniques, malware families, and threat actor TTPs.
• Ability to develop and implement threat hunting strategies based on industry best practices and threat intelligence.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration skills.

• Security certifications such as GIAC GREM, CISSP, or GIAC GCTH.
• Experience with scripting languages such as Python or PowerShell for automating security tasks and data analysis.
• Familiarity with cloud security concepts and technologies.
• Experience with reverse engineering malware.
• Knowledge of data science and machine learning techniques for security analysis.
• Experience using Splunk for security analysis, threat hunting, and incident investigation.

By joining Citi Dublin, you will be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week). You will receive a competitive base salary (annually reviewed) and a broad benefits package to support you and your family.

Citi is committed to ensuring a workplace where everyone can feel comfortable being their whole self. We seek the best talent and strive to energise, motivate, and empower our people to thrive.

Citi is an equal opportunity employer. Qualified candidates will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by law. If you need a reasonable accommodation to apply, please contact Accessibility at Citi.