Cyber Security - Insider Risk Investigator at PRI Global
REMOTE, TX 73301
About the Job
Cyber Security - Insider Risk Investigator
ACCOUNTABILITIES
Works on cybersecurity problems that may be diverse and highly complex, with particular emphasis on security operations.
Selects methods and techniques for identifying and advocating effective security solutions.
Specializes in security operations in one or more areas, including network, host, database, application, event management, cloud, cryptography, identity, and other emerging technology.
Participates in reviews of available tools, technologies, and processes to secure all aspects of the enterprise.
Maintains and optimizes tools, processes, documentation, reporting, and technologies, and defines success criteria for their effective usage.
Deploys tools, processes, documentation, and technologies, and defines success criteria for their effective usage.
RESPONSIBILITIES
Work is generally guided by management
May develop cybersecurity operations trend analysis and report the results
Works on cybersecurity problems that are low complexity, with particular emphasis on security operations
Assists in selecting methods and techniques for identifying and advocating effective security solutions
Supports the maintenance of tools, processes, documentation, reporting, and technologies, and defines success criteria for their effective usage
Insider Risk Investigator
eFI – Sr. Advisor Investigative Position
US Citizenship Required
Reporting to the Insider Risk Operations team within the Cybersecurity Intelligence and Response organization, the Security Advisor is a subject matter expert in Insider Risk Investigations. The Security Advisor will participate in all stages of an insider risk investigation from planning, detection, collection, analysis, and reporting. The Security Advisor completes documentation and procedures for testing, installation, maintenance, and training of Insider Risk software and infrastructure.
The ideal candidate is a strong team player that succeeds in a fast-paced and challenging global environment. Candidates must be able to work proactively, independently and demonstrate exceptional organizational and time management skills. Exceptional communication skills are a must.
Job Responsibilities:
• Monitor for and detect potential insider risks from behavior analytic use cases, various log sources, and defined risk thresholds
• Detect and investigate anomalous behavior that may indicate threats to Intellectual Property assets. Determine the significance, accuracy, and reliability of incoming information.
• Utilize a wide variety of security tools across multiple environments
• Participate in designing, testing and deployment of new insider risk tools or solutions.
• Develop specific expertise in areas such as Insider Threat models, discern patterns of complex behavior, and provide an accurate understanding of present and future threats to company intellectual property.
• Develop and maintain comprehensive operating & process documentation.
• Standardize process and procedures and provide continual process improvement.
• Perform other duties as required.
Required Skills:
• A minimum of 2 years’ experience acting in an insider threat or security incident response role with responsibility for analyzing insider threats and responding accordingly
• Experience with one or more major insider risk investigation tools in an enterprise (End point monitoring, DLP, user behavior analytics)
• An understanding of commonly used targeted Insider Threat and Data Exfiltration techniques, tactics, and procedures.
• Problem solving and analytical skills.
• Ability to read, write and speak English.
• Good written and oral communication skills.
• Must work well independently and with others as part of larger team and be able to collaborate on cross functional teams.
Desired Skills:
• 6+ Years Information Security and/or Computer Forensics Experience.
• Experience working with end point agent deployment in a large enterprise
• Experience with ObserveIT
• Working knowledge of computer forensic concepts
• Familiar with Data Privacy laws and the associated security requirements.
• EnCE, ACE, GCFE, GCFA or other SANS certification.
• CISSP or similar Security certifications
Duration: 6+ months
Location: Remote