Info Security Analyst
Possible Contract to Perm
This person will support the establishment and execution of the insider threat program by analyzing, monitoring and appropriately responding to security events from email, web or end-user workstations.
The Analyst must be able to identify potential data leaks and determine if information constitutes a violation of any company policies related to Personally Identifiable Information (PII) or Intellectual Property (IP).
Evaluate user activity to determine if the activity is within the user's day-to-day responsibilities or is potentially an abuse of privilege or unauthorized.
Have the ability to work with fragments of data and quickly rationalize the missing elements to determine if a user poses a threat to the company.
Conduct data analysis utilizing forensic and data mining tools to identify insider threat activity and users who should be tagged as a Person of Interest (POI) requiring additional monitoring to ensure the security of the company.
Effectively communicate findings in written and oral format when required to a non-technical audience.
KEY RESPONSIBILITIES AND DUTIES:
Conduct triage of anomalous events of concern using industry data loss prevention tools, including Symantec DLP, Bluecoat, CASB and User Activity Monitoring (UAM) tools.
Provision of reports and statements in clear, unambiguous language
Identification of root cause in partnership with peer groups on remediation of control gaps/failures
Maintain an awareness of industry challenges and advancements in order to add value to existing technologies and processes used within the team
Desired Skills (Preferred, not required):
3-5+ years of related work experience
Experience and hands-on knowledge with Data Loss Prevention security controls and tools (e.g. Symantec DLP, Bluecoat, CASB)
Mix of intelligence, threat analysis, investigative experience, and technical skills related to cyber security and insider threats
Possess one or more of the following certifications: Security+, Network+, CEH, CISSP, CISA, CFCE, CCE, EnCE, ACE, GCFA, CFE or similar IT security certifications
Strong knowledge of User Behavior Analytics concepts and products
Insider Threat program experience as a focus area within Cybersecurity
Proven ability to self-direct project outcomes, with minimal supervision, to achieve program goals.
Working knowledge of conducting a forensics investigation
Hands-on experience with an Incident Management Tool (RSA Archer, ServiceNow)
Hands-on experience with user activity monitoring tools such as ObserveIT, Veriato 360 or a similar product
Experience with databases, SQL, and data visualization tools
Experience with Windows, MacOS, Linux, iOS
Ability to navigate and work effectively across a complex organization.
Good understanding of data privacy laws and experience interacting with Legal and Compliance professionals
Experis is an Equal Opportunity Employer (EOE/AA)