Job Description

Overview:

TekWissen is a global workforce management provider headquartered in Ann Arbor, Michigan that offers strategic talent solutions to our clients world-wide. Our client is a global operator, franchisor, and licensor of hotel, residential, and timeshare properties. The company is primarily focused on management, franchising, and licensing of its lodging properties. It also occasionally develops, acquires or renovates hotel and residential properties, directly and through partnerships, joint ventures, and other business structures with third parties.

Position: Sr Insider Threat Management Analyst

Location: Bethesda, MD, 20814

Duration: 12 Months

Job Type: Contract

Work Type: Remote

Job Description:

• Responsible for supporting the Global Insider Threat Management Program. Duties will include incident response to insider incidents and collaborating with multiple areas of the business, including human resources, business data owners, legal, physical security, SOC/CIRT, software development and information technology groups.

• Act as a technical subject matter expert to enhance adjacent programs such as threat intelligence, cybersecurity incident response, risk management, audit, ethics, etc.

• He/She will track and manage program metrics (KPI/KRI) to ensure the advancement of the program across the enterprise, while mitigating human risk to the organization.

• He/She will also assist in supporting the digital aspects of the client's Executive Protection Program.

CANDIDATE PROFILE

Education and Experience

Required:

• Bachelor's degree in Criminal Justice, Computer Science, MIS, or related field or equivalent experience/certification

• 5+ years' experience in insider threat/risk, or information security that includes cross-functional incident response, risk assessments, threat mitigation, and/or investigative support.

• 3+ years' SIEM, DLP, UEBA user experience

• 3+ years' experience with Endpoint and Detection Response platforms (ex. CrowdStrike Falcon) and root cause analysis.

Preferred:

• Current information security certification, including Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)

• Excellent communication skills and problem-solving ability

• Demonstrated ability to work independently and with others

• Ability to manage the details and compliance with standards and expectations

• Technical infrastructure operations, administration, or engineering background

CORE WORK ACTIVITIES

Insider Threat Management & Response

• Establish a framework for researching, documenting, and integrating assessments.

• Responsible for gathering relevant intelligence regarding attacker tactics, techniques, and procedures.

• Work as needed with the incident response team to triage alerts triggered by suspicious or malicious activity.

• Act as a technical subject matter expert to enhance adjacent programs such as incident response, threat hunting, and custom detection development.

• Develop and report on key metrics of the insider threat management program.

• Utilize the corporate Endpoint Detection and Response tool and SIEM to identify anomalous activity and potential threats to the enterprise infrastructure.

• Perform analysis of adversary tradecraft, malicious code, and capabilities for hunt pivoting purposes.

• Manage the analysis of artifacts to determine potential specific adversary and motives.

• Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats and comply with relevant data breach laws. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize safety and security of systems, preservation of intellectual property, and information security. Investigates and analyses all relevant security and privacy response activities.

• Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends and operationalizes appropriate mitigation countermeasures.

• Identifies and assesses the capabilities and activities of; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.

• Analyses threat information from multiple sources, disciplines, and agencies across industry and regulatory organizations.

• Synthesizes and places regulatory and intelligence information in context; draws insights about the possible implications

TekWissen Group is an equal opportunity Employer supporting workforce diversity.

Job Tags

Similar Jobs