Insider Threat Information Systems Security – Senior Data Analyst

Job description

H4 Enterprises are currently seeking the following:

POSITION SUMMARY

Insider Threat Information Systems Security - Senior Data Analyst will be responsible for analyzing, detecting, and mitigating potential insider threats within an organization's information systems.

This role requires a skilled individual with deep knowledge in data analysis, cybersecurity, and risk management, as well as expertise in identifying and responding to both intentional and unintentional internal security breaches.

Insider Threat Information Systems Security - Senior Data Analyst will work closely with the Information Security team, data protection specialists, and incident response teams to prevent, investigate, and manage insider threats.

Assist the assigned Government Division Chief and assigned team leader with various IT security duties in support of the Department's information security and information assurance needs of SCI IT networks.

The contractor is responsible for implementing IC policies and standards for the protection of the SCI being processed on DOS IT system.

RELATIONSHIPS

The Insider Threat Information Systems Security - Senior Data Analyst will receive direct government oversight, assignments, and directions from the assigned Government Office/ Program Director, through an assigned team leader.

DUTIES & RESPONSIBILITIES

Insider Threat Detection and Monitoring:

• Analyze internal data streams to identify and flag suspicious activities indicative of insider threats, including unusual user behaviors, data access patterns, and anomalies in system and network activity.
• Utilize advanced data analytics tools and machine learning techniques to proactively identify emerging threats and vulnerabilities from insiders.
• Develop, implement, and continuously improve insider threat detection methodologies, ensuring they align with current threat landscapes.

Incident Investigation and Response:

• Lead the investigation of potential insider threat incidents, collaborating with cross-functional teams to determine the root cause and impact of security breaches.
• Coordinate with IT security teams to execute appropriate containment and mitigation strategies during and after a security incident.
• Prepare detailed incident reports, summaries, and post-incident reviews, making actionable recommendations for future mitigation strategies.

Data Analysis and Reporting:

• Conduct in-depth data analysis to generate actionable insights, trends, and reports on insider threat activities, ensuring accurate reporting to senior leadership.
• Utilize statistical analysis, pattern recognition, and data mining techniques to interpret complex data sets related to insider behavior.
• Prepare and present periodic status reports, threat analysis summaries, and risk assessments to stakeholders.
• Collaboration and Knowledge Sharing:
• Work closely with information security, risk management, and compliance teams to enhance the organization's cybersecurity posture.
• Share threat intelligence findings and best practices with colleagues and internal stakeholders to increase awareness and improve threat detection capabilities across the organization.
• Mentor and provide guidance to junior analysts on data analysis techniques, threat detection methodologies, and best practices.

Policy and Procedure Development:

• Contribute to the creation and review of policies, procedures, and guidelines for insider threat detection, prevention, and response.
• Assist in the development of employee awareness programs regarding insider threat risks and the importance of data protection.

Compliance and Risk Management:

• Ensure all insider threat activities and investigations comply with relevant laws, regulations, and industry standards.
• Participate in risk assessments and audits to ensure that insider threat controls meet compliance requirements and continuously improve organizational security.

PROFESSIONAL QUALIFICATIONS & SKILLS

Citizenship

• Citizenship required

Education

• Bachelor's degree in computer science, Information Systems, Cybersecurity, or a related field.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) preferred.

Experience

• Eight (8) years of related IT experience
• Minimum of 5 years of experience in data analysis, with at least 2 years of specialized experience focusing on insider threat detection or information systems security.
• Proven experience in analyzing security logs, identifying anomalies, and investigating security incidents.
• Strong understanding of cybersecurity principles, including encryption, authentication, access control, and network security.

Skills and Competencies:

• Expertise in data analysis and statistical modeling tools (e.g., Python, R, SQL).
• Experience with insider threat detection tools and platforms (e.g., SIEM, DLP, UEBA).
• Strong knowledge of insider threat behaviors, tactics, and indicators.
• Ability to work with large datasets and manage complex data analysis projects.
• Strong analytical thinking and problem-solving skills, with the ability to identify patterns and provide actionable insights.
• Excellent communication and interpersonal skills, with the ability to present findings to technical and non-technical stakeholders.
• Ability to manage multiple projects and deadlines in a fast-paced environment.
• Current CISSP, CRISC, CISM, CISA, CEH, or DoD 8570 IAM III equivalent certifications

Preferred: Department of State experience

Preferred Certifications:

• Certified Information Systems Security Professional (CISSP)
• ArcSight Certified Integrator/Administrator (ACIA)
• ArcSight Certified Security Analyst (ACSA)
• Microsoft Certified Systems Engineer (MCSE)
• Microsoft Certified IT Professional (MCITP)
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Comp TIA Security+
• SANS GIAC GCIA
• Intrusion Analyst Certification or Forensics Analyst Certification
• Certified Authorization Professional (CAP)
• Microsoft Certified Solutions Associate (MCSA)
• Microsoft Technology Associate (MTA)
• Proficient with information system vulnerability assessment and analysis
• Proficient with incident handling and electronic data discovery
• Skilled in the correlation and analysis of events, designing, implementing, tuning, and using the ArcSight Security Information and Event Management (SIEM) tool to detect IT security incidents
• Proficient in configuring and monitoring Intrusion Detection Systems (IDS) and reading, interpreting, and analyzing network traffic and related log files
• Experience establishing or maintaining network software parameters used for insider threat analysis, g., ArcSight security authorization tables, configuration definitions, file access tables
• Proficient detecting malicious insider threat activity
• Experience analyzing and reporting information technology (IT) security alerts
• Experience analyzing IDS alerts, system logs, and/or SQL and data warehousing
• Skilled with Microsoft Windows operating environment and administration
• Experience documenting threat reports, assessments, and briefings

CLEARANCE REQUIREMENT

Position will be subject to a U.S. Government Security Investigation.

Incumbents must possess or obtain/maintain minimum a TOP SECRET clearance with ability to obtain/maintain special access requirements (SCI).

PLACE OF PERFORMACE

Primarily, the work will take place at a designated Department of State Location in the National Capital Region.

EEO Statement

H4 Enterprises, LLC does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.

Required Skill Profession

Computer Occupations