Threat Analyst/Usability Engineer (BC)
Jersey City, N.J.
110k + Bonus
Major Insurance Company
The Analytics Specialist will be tasked with other forensic activities relevant to User Behavior Analytics. The successful candidate will possess strong technical and interpersonal skills, will provide technical subject matter expertise and will have proven ability to handle multiple high-profile matters and work under pressure with minimal supervision.
- Partner with Information Security team to serve as primary investigations-focused data analytics and UBA platform architect.
- Lead highly sensitive, complex, and confidential investigations into incidents of data loss and intellectual property theft, technology misuse, conflict of interest, and other types of matters.
- Actively work with partners across numerous cybersecurity and investigative focus areas.
- Perform real-time incident handling, including forensics collections and intrusion correlations and tracking.
- Over 5 years professional experience, including at least two years of insider threat, UBA, or high-tech investigation program experience.
- Experience configuring and utilizing user and/or entity behavior analytics (UBA/UEBA) platforms.
- Knowledge of mainstream desktop/server operating systems (UNIX, Windows, OSX, Linux) and file systems (NTFS, exFAT, FAT, HFS/HFS+, APFS, EXT2/3/4).
- Excellent analytical and problem-solving skills.
- Excellent written and oral communication skills.
- Industry-accepted certifications (EnCE, CCE, GCFE, GCFA, GCFN, GCIH, GREM, CFCE, etc.).
- Bachelor's degree.
- Advanced knowledge and experience using Splunk to execute complex search queries and generate reports.
- Advanced understanding of enterprise networking concepts and protocols.
- Experience with Data Loss Prevention concepts and tool sets.
- Experience with analysis of security events from multiple sources including but not limited to events from Security Information and Event Management (SIEM) tools, network- and host-based intrusion detection systems, firewall logs, system logs (Unix and Windows), mainframes, mid-range, applications, and databases.
- Advanced understanding of common server, desktop, and mobile operating systems (Windows, OSX, Linux) and corresponding file systems (NTFS, FAT, HFS+, EXT, iOS, Android, etc.).
- Experience with Microsoft’s Protection Center and the greater Office 365 architecture.
- Experience with endpoint detection and response software.
- Comprehensive understanding of adversarial exploitation, privilege escalation, persistence, and lateral movement techniques.
- Advanced knowledge of cloud computing platforms including Amazon Web Services (AWS) and Microsoft Office 365.
- Experience with automation scripting (Python, Perl, Ruby, PowerShell, Bash, etc.).
- Experience with computer network surveillance/monitoring.
Please contact Brian Clark at email@example.com
CLARK DAVIS ASSOCIATES, 20 Waterview Blvd, Parsippany, NJ, 07054; Phone (973) 257-8825; For a list of over 200 job opportunities, visit our website at https://clarkdavis.com