Insider Threat Analyst Jobs

At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.

U.S. Bank is seeking an Insider Threat Analyst to support analysis and threat detection for the Information Security Insider Threat (ISIT) program. The Insider Threat Analyst will have a broad understanding of data loss prevention and insider threat prevention concepts, technical expertise, and analytical capabilities to detect patterns and anomalies across data sets of technical and non-technical indicators. #ISS
Responsibilities:

• Conduct log file analysis to recognize and report activity of concern.
• Work to grow your knowledge in the areas of current technologies, developments, security compliance requirements, standards, and industry trends to help achieve the goals of the department.
• Document findings in a manner that technical and non-technical stakeholders can consume while being prepared to explain the details of your analytic work to team leadership and customers.
• Perform initial analysis on data from systems to identify unexpected or malicious activity across channels while keeping the bigger picture in mind of how this activity fits into the overall threat landscape.
• Work independently and with teams to understand and complete analysis activities.
• Utilize your understanding of Insider Threat principles to help identity trends and patterns which can assist the Data Science team in the development of new detection rules and models.
• Work as an independent contributor to the Insider Threat Triage and Analysis team with the goal of detecting risks and gaps in the areas of people, processes, and technology.
• Review data and behaviors to identify problems from multiple angles, gather information, and ask relevant questions to aid in your understanding of information gaps needed to produce best results.
• Collaborate with Data Science team to provide feedback for validation and improvement of various tools, models, and processes.
• Articulate the implications of the risks relative to insider threats to relevant stakeholders.

Basic Qualifications:

• Bachelor's degree or equivalent work experience
• At least 3+ years of experience with processes, tools, techniques, and practices for assuring adherence to standards associated with accessing, altering, and protecting organizational data.

Required Skills/Experience:

• Basic understanding of data loss prevention and insider threat prevention concepts.
• Basic understanding of cloud environments (AWS, AZURE, and GCP).
• Experience writing queries with SQL or SPL.
• Experience analyzing log activity on network devices, servers (i.e. web servers) and clients.
• Professional communication skills, both oral and written.
• Experience analyzing security events and activities with a variety of data analysis and visualization tools (such as: Splunk, Net Witness, Proofpoint).
• Demonstrated critical thinking and problem-solving skills.
• Technical knowledge and analytical capabilities to detect patterns and anomalies across data sets of technical and non-technical indicators.
• 1+ year experience supporting an enterprise-wide Insider Threat program.
• Basic understanding of relational databases and big data databases.
• Experience with NIST 800 series, NIST CSF, and ISO 27000 series frameworks.

Preferred Skills:

• Desire and motivation to contribute and help to push the team forward in all areas – the ideal candidate will not have a “that’s not my job” mentality
• Insider Threat-specific training/certifications such as Certified Counter-Insider Threat Professional-Fundamentals (CCITP-F), Certified Counter-Insider Threat Professional-Analysis (CCITP-A), the NITTF Hub Operations Course, or CERT Insider Threat course work and certifications.
• Ability to work independently while remaining open to constructive criticism and coaching from others.
• Analytic mindset – the perfect candidate should enjoy the process of conducting deep-dive analysis on difficult problem sets and be comfortable forming assessments and conclusions without a prescribed step-by-step procedure for every situation.
• Comfort collaborating regularly within team in addition to some collaboration with relevant stakeholders outside of the team.
• Industry certifications in information security and technology auditing including, CISSP, CISM, CGEIT, CISA, GIAC GSEC.

If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants.
Learn how the way we work at U.S. Bank drives meaningful relationships with our customers and collaboration across the company.
Benefits:
Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours):

• 401(k) and employer-funded retirement plan
• Healthcare (medical, dental, vision)
• Paid vacation (from two to five weeks depending on salary grade and tenure)
• Basic term and optional term life insurance
• Pregnancy disability and parental leave
• Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
• Adoption assistance
• Short-term and long-term disability
• Up to 11 paid holiday opportunities

EEO is the Law
U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors. Applicants can learn more about the company’s status as an equal opportunity employer by viewing the federal KNOW YOUR RIGHTS EEO poster.
E-Verify
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program.