CrawlJobs Logo

SOC Incident Responder

https://www.citi.com/ Logo

Citi

Location Icon

Location:
United States, Irving

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

125760.00 - 188640.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Citi's Security Operations Center (SOC) Incident Response Team seeks a highly skilled and experienced incident response practitioner to support critical efforts aimed at protecting Citi infrastructure, assets, clients, and stakeholders. This is a demanding role with global exposure and responsibility. You will serve as a subject matter expert and a hands-on first responder for cyber incidents, working with global teams to uncover and address security threats across various environments.

Job Responsibility:

  • Lead and/or support in-depth triage and investigations of urgent cyber incidents in cloud, traditional, and hybrid environments
  • Perform incident response functions including but not limited to host-based analytical functions through investigating Windows, Unix based, appliances, and Mac OS X systems to uncover Indicators of Compromise (IOCs) and/or Tactics, Techniques and Procedures (TTPs)
  • Create and track metrics based on the MITRE ATT&CK Framework and other standard security-focused models
  • Work with application and infrastructure stakeholders to identify key components and information sources such as environments, servers, workstations, middleware, applications, databases, logs, etc.
  • Participate in incident response efforts using forensic and other custom tools to identify any sources of compromise and/or malicious activities
  • Collaborate with global multidisciplinary groups for triaging and defining the scope of large scale incidents
  • Document and present investigative findings for high profile events and other incidents of interest
  • Participate in readiness exercises such as purple team, table tops
  • Train junior colleagues on relevant best practices.

Requirements:

  • Bachelor's degree in a technically rigorous domain such as Computer Science, Information Security, Engineering, Digital Forensics, etc.
  • 5+ years of professional experience in cybersecurity and/or information security, or demonstrated equivalent capability
  • 2+ years hands-on working in cyber incident response and investigations in medium to large organizations with cloud and forensics components
  • Experience in Cloud Forensics/IR
  • Hands-on Dev/Sec/Ops experience with cloud environments and underlying storage, compute and monitoring services
  • Prior experience with cloud common services
  • Hands-on experience with forensic investigations or large scale incident response in cloud environments
  • Hands-on experience with containerization methods and tools (e.g. Docker, Kubernetes) including incident response and digital forensics
  • Certifications (e.g. GIAC, AWS, etc) in cloud or demonstrated equivalent capability
  • Hands-on experience with analyzing and pivoting through large data sets
  • Current hands-on experience in digital forensics (e.g. computer, network, mobile device forensics, and forensic data analysis, etc.)
  • Familiarity with malware analysis and Reverse Engineering of samples (e.g. static, dynamic, de-obfuscation, unpacking)
  • In-depth File system knowledge and analysis
  • In-depth experience with timeline analysis
  • In-depth experience with Registry, event, and other log file and artifact analysis
  • Hands-on experience with a DFIR toolset and related scripting
  • Current expertise with an EDR system
  • One or more GIAC (e.g. GCFE, GCFA, GREM, GCIH, GASF, GNFA, etc.) or other digital forensic and/or incident response certifications
  • Experience in Windows Operating Systems / UNIX / Mac OS X, specifically in system administration, command line use, and file system knowledge
  • Proficient in basic scripting and automation of tasks (e.g. C/C++, Powershell, JavaScript, Python, bash, etc.)
  • Working knowledge of networking protocols and infrastructure designs
  • Working knowledge of relational database systems and concepts (SQL Server, PostgreSQL, etc.)
  • Working knowledge of virtualization products (e.g. VMware Workstation)
  • Must have flexibility to work outside of normal business hours when necessary.

Nice to have:

  • Experience in Basic Scripting and Automation
  • Working knowledge of relational database systems and concepts
  • Working knowledge of virtualization products.
What we offer:
  • Medical, dental & vision coverage
  • 401(k)
  • Life, accident, and disability insurance
  • Wellness programs
  • Paid time off packages including vacation, sick leave, and holidays
  • Discretionary and formulaic incentive and retention awards.

Additional Information:

Job Posted:
June 11, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs China Jobs Canada Jobs Mexico Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy