PeopleTec is currently seeking an Insider Threat Analyst to support our Colorado Springs, CO location.
PeopleTec is currently seeking an experienced, talented Insider Threat Analyst with active Top Secret clearance and currently SCI eligible.
The ideal candidate will have a solid understanding of incident response, insider threat investigations, forensics, cyber threats and information security.
Additionally, the ideal candidate is familiar with insider threat monitoring software, host-based forensic tools, intrusion detection systems, intrusion analysis functions, security information and event management (SIEM) platforms, endpoint threat detection tools, and security operations ticket management, and has the ability to help create insider threat focused dashboards, reports and workflow diagrams.
The selected candidate will conduct advanced security event analytics, insider threat monitoring, log analysis, host-based forensics (as required), incident response, and case management.
The analyst will gather, integrate, review, assess, and respond to information derived from all-source indicators to include system information, counterintelligence, cybersecurity, contractor/civilian/military personnel management, anti-terrorism risk management, law enforcement, and any specifically tasked monitoring as directed.
Strong written and verbal communications skills are a MUST.
Required Skills/Experience: Must have experience as an all source analyst supporting tactical and/or strategic levels.
Must have Subject Matter Expert (SME) experience in the following areas: Insider Threat, User Activity Monitoring, Counterintelligence, Personnel Security.
Strong analytical and technical skills in Computer Network Defense Operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.
The ability to conduct technical analyses of user activity data and alerts to identify reliable indicators of insider threats.
Previous hands-on experience with a Security Information and Event Management (SIEM) platform and log management systems that perform log collection, analysis, correlation, and alerting.
Work with Threat Intelligence team members to refine alerts based on triage results and current events (as allowed). Experience with Cyber Security, Insider Threat, and Policy Violation Investigations, and conducting supporting investigations.
Conduct threat analysis, provide assessments of threats and vulnerabilities, produce investigative leads, uncover policy violations, assess risk posed by trusted insiders, and oversee the data collection effort on subject networks using provided tools.
Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.
Conduct data analysis of insider threat auditing and monitoring software systems to detect, identify and refer threats to the appropriate entities, including reviews of Intelligence Information Reports (IIRs) and other sources providing related information gathering for a centralized analysis, reporting, and response capability.
Provide input to leadership when vulnerabilities are identified.
Ability to work on-call during critical incidents or to support coverage requirements (including weekends and holidays when required).
Proficiency in report writing; a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting.
Excellent verbal and written communication skills and the ability to produce clear and thorough security incident reports and briefings.
Travel: 5% (or less).
Must be a U.S. Citizen.
An active DoD Top Secret/SCI (or Top Secret with SCI eligibility) clearance is required to perform this work.
Candidates are required to have an active Top Secret/SCI (or Top Secret with SCI eligibility) clearance upon hire, and the ability to maintain this level of clearance during their employment.
Education Requirements:
Senior Analyst: 10+ years of experience in a cyber network defense environment with a Bachelor's Degree, OR 8+ years of experience with a Master's Degree, OR 5+ years of experience with a PhD.
Analyst: At least 4+ years of experience with a Bachelor's Degree, OR 2+ years of experience with a Master's Degree.
Experience in support of DoD or IC Insider Threat Programs and subject matter expertise with regards to Executive Order (E.O.) 13587, the DNI's National Counterintelligence and Security Center Insider Threat Task Force Standards, and DoD regulations/guidance regarding Insider Threat.
Experience with the modus operandi of foreign intelligence entities, international threat organizations, and associated Cyber capabilities and operations.
Experience conducting Forensic Analysis on compromised systems using digital forensics tools (e.g. EnCase, FTK).
Experience with DoD IA/CND certification and accreditation programs.
Familiarity with (or holding) Digital Forensic and Incident Response Certifications such as: GCIA, GCED, GCFA, GCFE, GCTI, GNFA, GCIH, ECSA, CHFI, CISSP, Security+, Network+, CEH, CND, CCE, CFC, EnCE, CFCE, GREM, etc.
Familiarity with scripting languages (Bash, PowerShell, Python, Perl, Ruby, etc.) and/or software development frameworks (.NET).
EOE/Minorities/Females/Veterans/Disabled. PeopleTec, Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures.
If you have any difficulty using our online system and you need an accommodation due to a disability, you may use the following email address and/or phone number to contact us about your interest in employment with PeopleTec, Inc.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, citizenship, ancestry, marital status, protected veteran status, disability status or any other status protected by federal, state, or local law.
PeopleTec, Inc. participates in E-Verify.
Job type: Full Time