Insider Threat Analyst - Remote

Job Title: Insider Threat Analyst

Location: Remote

Duration: 12+ Months (Extendable)

:

• cyber security background with hands-on experience working with insider threat programs, data loss prevention, and behavioural analytics UEBA.

• Strong preference for CISSP, GSLC, GCED, or other security certifications.

• Preference for experience with case management systems.

• Strong preference for experience with Splunk.

Qualifications

· Bachelor’s Degree (STEM, Humanities, IT) OR 5 years of a related discipline or an equivalent combination of education and work experience

· 5-7 years related experience in Cyber Security, Insider Threat, Intelligence Community, Federal Law Enforcement, or a related field

· Demonstrable understanding of computer networking concepts, communication protocols, primary threat actor attack methods and toolsSkilled in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results and analyzing findings to provide advanced threat intelligence

· Ability to understand and learn technical specifications, system requirements and other application design information as needed

· Ability to use commercial and Opensource tools to quickly analyze, detect, and respond to cyber security events or incidents

· Ability to effectively collaborate with diverse teams

· Excellent analytical skills and strong attention to detail

· Strong written communication skills including experience with reports and presentations for executive audiences

· Relevant information security certification (e.g. CISSP) is preferred but not required

· Financial services experience is a plus

Your Impact:

• Use your analytical problem-solving skills to identify trends and patterns in data that indicate a potential or existing insider threat event

• Understand and apply risk scoring and threat analysis tools to improve the Freddie Mac security posture

• Leverage your experience with User and Entity Behavior Analytics (UEBA), Data Loss Prevention (DLP) security controls, and SIEM tools to properly detect, categorize, and document threat events

• Monitor various sources for insider threat activity on a continuous basis, including commercial and Opensource tools to quickly analyze, detect, and mitigate potential cyber security incidents

• Analyze internal threat intelligence and security related activities for the development of cyber threat summaries including risks to the institution and specific actions for the institution to consider

• Communicate and collaborate effectively with various lines of business, trusted parties, individual contributors and management

• Create structured and ad-hoc communications appropriate to different audiences on both technical and non-technical topics

• Develop comprehensive security write-ups which describe security issues, analysis, and remediation techniques to senior management

• Develop internal documentation, such as detailed procedures, playbooks, and operational metrics reports as required

• Execute daily ad-hoc tasks or lead small projects as needed