Citi EMEA CSFC Core Team Senior Specialist / Manager in Budapest, Hungary

  • Primary Location: Hungary,Budapest,Budapest

  • Education: Bachelor's Degree

  • Job Function: Technology

  • Schedule: Full-time

  • Shift: Day Job

  • Employee Status: Regular

  • Travel Time: No

  • Job ID: 17048964


Job Purpose:

In support to the Cyber Security Fusion Center (CSFC) mission, the CSFC Core Team is responsible for analyzing cyber threat information designed to increase Citi's cyber threat awareness and protection levels. By providing awareness, indications, warnings, and operational readiness, the CSFC Core Team protects the Citi brand, global business operations, technology infrastructure and client trust against cyber threats worldwide.

Job Background:

The Cyber Security Fusion Center (CSFC) rises to the challenge of our threat landscape with effective situational awareness and improved communication, coordination and collaboration across our footprint. The CSFC supports three strategic objectives:

• Prevent cyber-attacks against Citi and our critical partners by deterring, detecting, predicting, planning for and pre-empting threats;

• Reduce Citi’s vulnerability and risk to cyber-attacks by sharing new knowledge and providing relentless follow-up on priority issues; and

• Minimize damage and recovery time from cyber-attacks that do occur by serving as a coordinating entity. The CSFC serves as a key information sharing enabler to support enhanced unity of effort in planning and executing a new framework for intelligence-driven activities. The CSFC is supported by forensic, analytic and knowledge management tools that capitalize on our understanding of the current threat landscape, coupled with conventional thinking and acting in concert and support of various departmental missions.

Key Responsibilities:

• Main responsibility is to be able to lead and be the acting deputy of the EMEA CSFC Head, including the Core, ADV2 and every matrix teams who are included in the CSFC concept

• Manage external and internal client events (Tour of the Site)

• Take responsibility and be the key person in Cyber Security Crisis Management

• Monitor-wall management and including monitor contain management

• Develop and introduce demos during the Tours: phishing demo, malware demo, mobile infection, etc.

• Engage daily as the CSFC EMEA lead with different Information Security teams to gather intelligence and data for analysis, particularly in the EMEA region

• Represent the CSFC in EMEA with Citi’s Security Operation teams to collect and analyse data for incident metrics reporting.

• Lead CSFC EMEA cyber threat analysis, alerting, and reporting based on intelligence and information gathered from both internal and external sources globally

• Drive cyber security research projects using multiple data sources, perform analysis and disseminate findings to both technical and non-technical consumers throughout the Citi enterprise

• Work daily with different Information Security counterparts to gather intelligence and data for analysis and to formulate changes in technology, policy or procedure that may reduce the risk to information security with an emphasis in the EMEA region

• Actively monitor and research cyber threats with a direct or indirect impact to the Citi brand, regional business operations, technology infrastructure and client trust

• Apply expertise to ascertain the impact of an attack and develop threat trends and mitigation techniques and countermeasures that can prevent future attacks

• Supervise daily interactions with the Cyber Security Fusion Center and collaborate with Cyber Intelligence Center staff to fuse threat intelligence with risk, impact, mitigation and recovery assessments

• Maintain a routine business integration with the CSFC leaders in Warren, NJ, USA and Irving, TX, USA

Development Value:

The Citi Cyber Security Fusion Center (CSFC) Core Team is charged with analyzing, investigating, and mitigating cyber threats against Citi through the fusion of analysis from nine different internal information security, technology infrastructure, and security/investigative services groups. The CSFC’s responsibilities and approach are unique and industry leading in that the centers focus is to continually improve the company’s cyber security defensive and responsive capabilities against ever present cyber threats. The CSFC Budapest team will be closely aligned with the other CSFC teams in the U.S. and one that will be recruited in Singapore in early 2016 to ultimately provide a 24 hour, follow the sun cyber security analytic and mitigation capability for Citi, its partners, and clients.


Knowledge and Experience:

• Direct, hands-on experience working in a cybersecurity fusion or operations centre

• Significant experience in cyber security incident management and analysis

• In-depth knowledge of business, technology, security, intelligence, and/or risk processes and best practices

• Proven capability to conduct high level briefings and/or work products for sector executives

• Demonstrated ability to work with international organizations

• Understanding of cyber-security event monitoring concepts and escalation processes

• Ability to conduct high level briefings and/or work products for government or private sector executives

• Proven ability to review information to determine its significance, validate its accuracy and assess its reliability to technical and non-technical audiences

• Expertise or significant working knowledge several of the following areas:

o Cyber crime

 Money laundering

 Money Mules

 Fraud

o Advanced Persistent Threat methods

o Lockheed Martin Kill Chain

o Mobile Threats

o Social Engineering

o Insider Threats

o Third Party risks and threats

o Data Leakage Threats

o Impact of actor trends


• Exceptional written and verbal communication and presentation skills to internal and external customers, ability to speak and write in multiple languages a plus

• Proven cyber security analytical and situational awareness skills

• Strong technical experience

• BigData / Mathematical background or similar experience is an advantage


• Bachelor’s degree or equivalent work experience, Master’s degree preferred

• 7+ years working in a cyber-security operations or information security space

• 2+ years at a cyber-threat analysis at a financial firm or government agency preferably in a leadership role

• 7+ years with IT/IS background

• 4+ years in people management

• 3+ years leading a cyber-threat analysis related function


• Must be a demonstrated proactive self-starter, self-motivated and able to work independently with little oversight

• Able to lead and manage multiple teams and to cooperate with them

• Quick decision making skills with the ability to see through complex situations easily

• High prioritizing skills

• Citi knowledge is a must to have (Products / Businesses, processes, legal and compliance procedures, etc.)