• Own the day-to-day security operations for a HIPAA-regulated, cloud-only environment • Harden Microsoft security stack, run incident response, hunt threats, and build the security program • Investigate alerts, tune detections, close gaps in Conditional Access, ensure compliance posture • Manage and refine Conditional Access policies, administer Privileged Identity Management (PIM) • Harden Exchange Online Protection and own email authentication projects • Write and tune KQL queries in Microsoft Defender Advanced Hunting and triage alerts • Implement Microsoft Purview information protection labels, DLP policies, and retention rules • Execute posture improvement roadmaps with external Microsoft security partner

Senior Cybersecurity Analyst | Fraud (Remote) Remote/Virtual Locations: GEORGIA, USA Full time With a career at The Home Depot, you can be yourself and also be part of something bigger. Position Purpose: We are seeking a Cybersecurity Senior Fraud Analyst to support our Identity Fraud Prevention Team, focusing on AI-driven fraud detection, deepfake mitigation, and advanced fraud penetration tactics. The ideal candidate will work closely with staff analysts to identify, analyze, and combat sophisticated fraud schemes leveraging Generative AI (GenAI), synthetic identities, and adversarial machine learning attacks. This role requires deep expertise in fraud detection methodologies, cybersecurity frameworks, and automation-driven fraud prevention strategies. Key Responsibilities: Fraud Analysis & Investigation: Conduct in-depth analysis of identity fraud patterns, including synthetic identity fraud, credential stuffing, account takeovers (ATO), and deepfake-enabled fraud. Develop AI-powered fraud detection models and continuously refine existing fraud prevention techniques. Identify adversarial AI threats, including automated bot fraud, GenAI-enabled phishing, and social engineering attacks. AI & Deepfake Detection: Research and implement machine learning models to detect deepfake-generated identities, voice fraud, and AI-assisted fraud schemes. Stay ahead of fraudster tactics using generative AI tools to fabricate convincing yet fraudulent documents, images, and videos. Collaborate with security engineers and data scientists to develop countermeasures for deepfake-based fraud attempts. Threat Intelligence & Red Teaming: Perform advanced fraud penetration testing against identity verification and fraud prevention systems. Assess vulnerabilities in biometric authentication, document verification, and AI-driven fraud defenses. Monitor and analyze dark web and underground fraud forums for emerging identity fraud trends and tactics. Collaboration & Incident Response: Work closely with staff analysts, cybersecurity teams, and fraud risk managers to escalate fraud cases and implement risk mitigation strategies. Assist in fraud investigations by providing AI-driven insights and real-time threat intelligence. Partner with engineering and data teams to improve fraud detection algorithms and automation frameworks. Continuous Improvement & Strategy: Contribute to the development of next-gen identity fraud prevention frameworks. Stay updated on NIST 800-63, AI risk mitigation best practices, and emerging fraud countermeasures. Advocate for ethical AI use in fraud detection and ensure compliance with regulatory and industry standards. Qualifications & Experience: Required: 3-5 years of experience in fraud detection, cybersecurity, or AI-driven fraud prevention. Strong understanding of identity verification, fraud analytics, and adversarial AI. Hands-on experience with fraud detection tools, machine learning models, and automation frameworks. Proficiency in Python, SQL, or other scripting languages for fraud analysis and data investigation. Knowledge of deepfake detection techniques, AI risk mitigation, and biometric security. Familiarity with fraudster TTPs (Tactics, Techniques, and Procedures) in digital identity fraud and organized retail crime. Experience with fraud modeling, anomaly detection, and AI-driven threat intelligence tools. Preferred: Certifications such as CFE (Certified Fraud Examiner), CEH (Certified Ethical Hacker), or CISSP. Experience working in CIAM, IAM, or identity fraud prevention environments. Background in threat hunting, adversarial AI research, or fraud penetration testing. Understanding of Generative AI ethics, deepfake countermeasures, and secure AI development principles. Key Responsibilities: - 50% Analysis - Synthesize data to develop a solution, communicate the solutions, present the solution to teams/stakeholders - 20% Collaborate - Partner cross-functionally to identify trends and resolve issues - 20% Drive Execution - Implement solutions to meet customer expectations; Ensure initiative/project goals are met in a timely manner - 10% Support and Enable - Mentor junior level Analyst Direct Manager/Direct Reports: - This Position typically reports to Manager or Sr. Manager - This Position has 0 Direct Reports Travel Requirements: - Typically requires overnight travel less than 10% of the time. Physical Requirements: - Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. Working Conditions: - Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. Minimum Qualifications: - Must be eighteen years of age or older. - Must be legally permitted to work in the United States. Minimum Education: - The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to the job. Minimum Years of Work Experience: - 5+ Competencies: - Action Oriented - Collaborates - Communicates Effectively - Customer Focus - Drives Results For California, Colorado, Connecticut, Rhode Island, Nevada, New York City, Ithaca (NY), Westchester County (NY), and Washington residents: The pay range for this position is between $100,000.00 - $180,000.00

Role Description This position supports Information Security and Cyber Threat management programs within the Bank at an advanced level of ability. Key responsibilities include: - Analyzing vulnerability and threat data to provide actionable intelligence for cyber defense efforts. - Evaluating the Bank's networks and systems to identify technical security gaps or deficiencies. - Recommending process improvements and technical solutions to address identified gaps or deficiencies. - Facilitating the defense of the organization's information security and technological architecture through ongoing reporting and escalation of emerging threats. - Providing guidance for less experienced associates in the work group or assisting with special projects. Responsibilities - Security Review: Monitors and evaluates security incidents, system alerts, audit events, and other activity for potential threats against the Bank's networks and systems. Detects anomalies, malware infections, and intrusion attempts. Identifies, recommends, and executes appropriate mitigation tactics for identified threats. May perform system testing or provisioning. - Analysis: Analyzes data from various operating systems, databases, and applications within the Bank. Sources and interprets data to proactively search for threats. - Business Support: Supports the defense of the organization's information security and technological architecture through a number of operational and technical tasks. Ensures all cyber security monitoring systems are online and fully operational as well as ensuring compliance with all security policies and standards. Maintains current knowledge about threat indicators, attack trends, and cyber-intel as well as news and reports from industry sources. Participates in the creation and maintenance of playbooks and incident response procedures. May answer inquiries or facilitate training on security threats for other associates in the work group. - Reporting: Produces reports that document investigation and security incidents as well as the results of analysis. Provides analytics and reporting that facilitates actionable cyber-intelligence within daily operations. Conveys information to the appropriate parties, which includes both internal and external partners. Qualifications - Bachelor's Degree and 4 years of experience in Information Security OR High School Diploma or GED and 8 years of experience in Information Security. - Preferred Qualifications: - 6+ years of experience in Cyber Security and/or Information Technology. - Proficiency in vulnerability scanning and reporting platforms such as Tenable, Qualys VMDR, Rapid7, Wiz, Brinqa, etc. - Experience with IT Service Management tools such as ServiceNow and Jira. Benefits Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits .

• Respond to and triage alerts relating to phishing attacks, impersonation, scams, and brand abuse (e.g. Sublime, Doppel), escalating credible threats where appropriate. • Coordinate day-to-day operation of the bug bounty program, including communication with researchers, issue tracking, reporting, and internal follow-up. • Conduct user access reviews and review security settings, access configurations, and administrative controls across business systems, SaaS platforms, and internal infrastructure, tracking remediation where required. • Support recurring operational security workflows, including documentation, process tracking, and follow-up.