Job Description
Job Title - Senior Insider Threat Analyst
Duration: 12 months
Location: Lone Tree, CO 80124, or Phoenix, AZ 85016
(hybrid work model—3 days onsite in a week)
Notes from the Hiring Manager discussed on the call:
About the Role: The client is seeking two Senior Insider Threat Analysts to join the Insider Threat and Data Loss Prevention team. The role involves deploying the new DTEX Intercept Insider Threat tool into the client environment. The ideal candidates will assist with the tool’s deployment, configuration, program development, and the operationalization of Insider Threat use cases. This project will span several phases, with a focus on detection, response capabilities, analytics, and automation.
Key Responsibilities:
- Tool Deployment: Assist in deploying DTEX Intercept across 54,000 agents, beginning in Q1 2024.
- Configuration and Program Development: Configure and build out the tool based on client-specific use cases
- Detection and Response: Develop detection rules and response procedures to address Insider Threat activities, ensuring they align with the defined use cases.
- Tuning: Conduct extensive tuning and policy adjustments based on pilot phase results, with the expectation of addressing the current high alert-to-action ratio (approximately 50% alert rating currently).
- Advanced Analytics and Automation: Support the development of advanced analytics to enhance detection and automate repeatable processes through runbooks/playbooks.
- Mentorship: Provide guidance to junior analysts, mentoring the team in investigative techniques and pattern recognition.
Required Skills and Experience:
- Tool Experience:
- Preferably experienced with DTEX Intercept or other UEBA enterprise-level insider threat tools such as Exabeam, Splunk, Chronicle, etc.
- Familiarity with programming languages for rule creation and policy scripting is needed, with knowledge of DTEX’s proprietary language a plus (training will be provided).
- Insider Threat Analysis:
- Ability to analyze Insider Threat data, identify behavioral patterns, and create rules and policies for detection.
- Experience building or improving detection models for Insider Threat programs is highly desirable.
- Minimum of 7 years of experience in Insider Threat analysis, preferably with involvement in tool deployment and creating insider threat policies.
- Program Development: Experience with creating and implementing new policies and processes within a regulated environment is important. Experience with new tool deployments and creating a program from the ground up is highly valued.
- Scripting Knowledge: Experience with scripting languages for rule modification (e.g., Exabeam, Splunk) is essential. The role requires knowledge in programming for policy and rule configuration within detection tools.
- Regulated Environment Experience: While financial services experience is preferred, candidates from other regulated sectors such as healthcare, life sciences, or insurance will also be considered.
Qualifications:
- Experience Level: Senior-level, with at least 7 years of experience in Insider Threat analysis or a related field.
- Degree Requirements: A Bachelor’s degree or equivalent experience in a cybersecurity-related field is preferred.
- Location: Preference for candidates based in Phoenix, AZ or Lone Tree, CO, but remote candidates in other locations may be considered, with occasional travel to these offices.
Interview Process:
- The interview process will consist of two rounds: an initial screening interview with the HM or an associate, followed by a team interview.
- Client aims to onboard candidates by early Q1 2024, aligning with the project’s timeline for tool deployment.
Additional Notes:
- Work Hours: The project is planned to run over the course of a year, and client seeks to alleviate burnout through the addition of contract roles. While overtime and weekend work should not be required, candidates should be flexible in alignment with project demands.
- Mentorship and Leadership: The ideal candidates will be able to guide and mentor junior analysts, providing leadership and sharing expertise on investigative techniques and pattern recognition.
About Us: Established in 2004, SPECTRAFORCE® is one of the largest and fastest-growing diversity-owned staffing firms in the US. The growth of our company is a direct result of our global client service delivery model that is powered by our state-of-the-art A.I. proprietary talent acquisition platform, robust ISO 9001:2015/ISO 27001 certified processes, and strong and passionate client engaged teams. We have built our business by providing talent and project-based solutions, including Contingent, Permanent, and Statement of Work (SOW) services to over 140 clients in the US, Canada, Puerto Rico, Costa Rica, and India. Key industries that we service include Technology, Financial Services, Life Sciences, Healthcare, Telecom, Retail, Utilities and Transportation. SPECTRAFORCE is built on a concept of “human connection,” defined by our branding attitude of NEWJOBPHORIA®, which is the excitement of bringing joy and freedom to the work lifestyle so our people and clients can reach their highest potential. Learn more at: http://www.spectraforce.com
Benefits: SPECTRAFORCE offers ACA compliant health benefits as well as dental, vision, accident, critical illness, voluntary life, and hospital indemnity insurances to eligible employees. Additional benefits offered to eligible employees include commuter benefits, 401K plan with matching, and a referral bonus program. SPECTRAFORCE provides unpaid leave as well as paid sick leave when required by law.
Equal Opportunity Employer: SPECTRAFORCE is an equal opportunity employer and does not discriminate against any employee or applicant for employment because of race, religion, color, sex, national origin, age, sexual orientation, gender identity, genetic information, disability or veteran status, or any other category protected by applicable federal, state, or local laws. Please contact Human Resources at LOA@spectraforce.com if you require reasonable accommodation.
California Applicant Notice: SPECTRAFORCE is committed to complying with the California Privacy Rights Act (“CPRA”) effective January 1, 2023; and all data privacy laws in the jurisdictions in which it recruits and hires employees. A Notice to California Job Applicants Regarding the Collection of Personal Information can be located on our website. Applicants with disabilities may access this notice in an alternative format by contacting NAHR@spectraforce.com.
LA County, CA Applicant Notice: If you are selected for this position with SPECTRAFORCE, your offer is contingent upon the satisfactory completion of several requirements, including but not limited to, a criminal background check. We consider qualified applicants with arrest or conviction records for employment in accordance with all local ordinances and state laws, including the Los Angeles County Fair Chance Ordinance for Employers (FCO) and the California Fair Chance Act (FCA). The background check assessment will consider whether a criminal history could reasonably have a direct, adverse impact on the job-related safety, security, trust, regulatory compliance, or suitability for this role. Such findings may result in withdrawal of a conditional job offer.
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $55.00/hr.