Insider Threat Analyst

Peopletec Colorado Springs, CO 80901

Posted 2 months ago

PeopleTec is currently seeking an Insider Threat Analyst to support our Colorado Springs, CO location.
PeopleTec is currently seeking an experienced, talented Insider Threat Analyst with active Top Secret clearance and currently SCI eligible.
The ideal candidate will have a solid understanding of incident response, insider threat investigations, forensics, cyber threats and information security.
Additionally, the ideal candidate is familiar with insider threat monitoring software, host-based forensic tools, intrusion detection systems, intrusion analysis functions, security information event management (SIEM) platforms, endpoint threat detection tools, and security operations ticket management, and has the ability to help create insider threat focused dashboards, reports and workflow diagrams.
The selected candidate will conduct advanced security event analytics, insider threat monitoring, log analysis, host-based forensics (as required), incident response, and case management.
The analyst will gather, integrate, review, assess, and respond to information derived from all-source indicators to include system information, counterintelligence, cybersecurity, contractor/civilian/military personnel management, anti-terrorism risk management, law enforcement, and any specifically tasked monitoring as directed.
Strong written and verbal communications skills are a MUST.
Required Skills/Experience: Must have experience as an all source analyst supporting tactical and/or strategic levels.
Must have Subject Matter Expert (SME) experience in the following areas: Insider Threat, User Activity Monitoring, Counterintelligence, Personnel Security.
Strong analytical and technical skills in Computer Network Defense Operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.
The ability to conduct technical analyses of user activity data and alerts to identify reliable indicators of insider threats.
Previous hands-on experience with a Security Information and Event Monitoring (SIEM) platform and log management systems that perform log collection, analysis, correlation, and alerting.
Work with Threat Intelligence team members to refine alerts based on triage results and current events (as allowed). Experience with Cyber Security, Insider Threat, and Policy Violation Investigations, and conducting supporting investigations.
Conduct threat analysis, provide assessments of threats and vulnerabilities, produce investigative leads, uncover policy violations, assess risk posed by trusted insiders, and oversee the data collection effort on subject networks using provided tools.
Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.
Conduct data analysis of insider threat auditing and monitoring software systems to detect, identify and refer threats to the appropriate entities, including reviews of Intelligence Information Reports (IIRs) and other sources providing related information gathering for a centralized analysis, reporting, and response capability.
Provide input to leadership when vulnerabilities are identified.
Ability to work on-call during critical incidents or to support coverage requirements (including weekends and holidays when required).
Proficiency in report writing; a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting.
Excellent verbal and written communications skills and ability to produce clear and thorough security incident reports and briefings.
Travel: 5% (or less)
Must be a U.S. Citizen.
An active DoD Top Secret/SCI (or Top Secret with SCI eligibility) clearance is required to perform this work.
Candidates are required to have an active Top Secret/SCI (or Top Secret with SCI eligibility) clearance upon hire, and the ability to maintain this level of clearance during their employment.

Education Requirements: Senior Analyst: 10+ years of experience in a cyber network defense environment with a Bachelor's Degree, OR 8+ years of experience with a Master's Degree, OR 5+ years of experience with a PhD.
Analyst: At least 4+ years of experience with a Bachelor's Degree, OR 2+ years of experience with a Master's Degree.
Desired Skills:
Experience in support of DoD or IC Insider Threat Programs and subject matter expertise with regards to Executive Order (E.O.) 13587, the DNI's National Counterintelligence and Security Center Insider Threat Task Force Standards, and DoD regulations/guidance regarding Insider Threat.
Experience with the modus operandi of foreign intelligence entities, international threat organizations, and associated Cyber capabilities and operations.
Experience conducting Forensic Analysis on compromised systems using digital forensics tools (e.g. EnCase, FTK).
Experience with DoD IA/CND certification and accreditation programs.
Familiarity with (or hold) Digital Forensic and Incident Response Certifications such as: GCIA, GCED, GCFA, GCFE, GCTI, GNFA, GCIH, ECSA, CHFI, CISSP, Security+, Network+, CEH, CND, CCE, CFC, EnCE, CFCE, GREM, etc.
Familiarity with scripting languages (BASH, Powershell, Python, PERL, Ruby, etc.) and/or software development frameworks (.NET).
EOE/Minorities/Females/Veterans/Disabled
PeopleTec, Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures.
If you have any difficulty using our online system and you need an accommodation due to a disability, you may use the following email address and/or phone number to contact us about your interest in employment with PeopleTec, Inc.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, citizenship, ancestry, marital status, protected veteran status, disability status or any other status protected by federal, state, or local law.
PeopleTec, Inc. participates in E-Verify.

Job type: Full Time



Similar Jobs

Insider Threat Analyst

ICF International, Inc

Posted 2 weeks ago

Working at ICF

Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you're seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF - together for tomorrow.

Performs assessments of systems and networks within the networking environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Achieves this through passive evaluations (compliance audits) and active evaluations (vulnerability assessments). Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and makes recommendations on process tailoring. Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed.

As the Insider Threat Analyst you will be responsible for the development of an insider threat program for the client organization. As the Analyst you will make recommendations on organizational policy, enterprise security architecture, and mitigation strategies. Join our team of cyber pioneers with expertise and decades of experience defending and protecting some of the nation's most valuable resources - ICF. Through implementation of effective cybersecurity solutions, ICF supports security awareness, readiness, resilience and response to cyber incidents. Our extensive customer base has benefited from the leading-edge work our security engineers and data scientists perform in maintaining and advancing situational awareness of the current cyber threat landscape.

Key Responsibilities:
* Develop an insider threat program for client organization.
* Develop, execute, and maintain standard operating procedures (SOPs) for the insider threat program.
* Create TTPs for identifying insider threats.
* Perform gap analysis of current security tools and make recommendations to improve the enterprise security posture.

Basic Qualifications:
* Must have an active/current DoD clearance.
* Bachelor's Degree in Computer Science or related technical discipline, or the equivalent combination of education, professional training, or work experience.
* Must have a current DOD 8570 certification prior to start: (CEH, DFR, CySA+, GCIA, GCIH, GICSP, or SCYBER) and IAT II (CCNA, CySA+, GICSP, GSEC, Sec+, or SSCP).
* Minimum of three (3) years information assurance, incident response, or cybersecurity experience.
* Ability to demonstrate strong knowledge of computer security concepts.
* Demonstrated ability to document processes and procedures.

Preferred Experience:
* Initiative and a personal interest in Information Technology Security.
* People skills and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details.
* Intelligence analyst/community experience.
* Certified Information Systems Security Professional (CISSP).
* An understanding of DOD information assurance policy and regulations.

ICF offers an excellent benefits package, an award winning talent development program, and fosters a highly skilled, energized and empowered workforce. ICF is an equal opportunity employer that values diversity at all levels. (EOE – Minorities/Females/Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity)

Pay Transparency Statement: For more information, please click here: https://www.dol.gov/ofccp/pdf/pay-transp_formattedESQA508c.pdf

Colorado Client Office (CO88)
ICF International, Inc
Colorado Springs CO
