Job description
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
The Sr. Insider Threat Analyst is a member of the Insider Threat Team with primary responsibility for mitigating, identifying, and responding to insider threat security events. The Insider Threat team is responsible for preventing, detecting, and responding to data exfiltration, workplace violence, systems sabotage, misuse of corporate assets, and other threats. Lead and conduct complex and technical data analysis; develop and tune rules, policies, and alerts for DLP and UEBA applications; develop strategies to deter, detect, and respond to insider threats; and collaborate with security operation centers, digital forensics, and physical security teams.
Primary Duties and Accountabilities
- Identify and Respond to Insider Threat Security Events
- Respond, analyze, and triage alerts from DLP, UEBA and other monitoring tools
- Characterize and analyze information from enterprise cyber security tools identify anomalous activity and potential threats
- Coordinate with enterprise-wide cyber defense staff to validate network alerts
- Analyze security incidents for trends and patterns to uncover anomalies, identify gaps, and propose risk mitigation solutions
- Manage incident response and investigative leads, including notification and escalation. Coordinate with physical security, legal, and HR teams as required.
- Develop Insider Threat Use Cases and Tune DLP and UEBA rules and policies
- Develop distinct insider threat use cases; identify tools, policies, and rules to monitor for the use case; tune policies and rules to meet use case requirements
- Based on analysis of alerts, modify rules and policies to increase accuracy and reduce false positives
- Identify and integrate new data sources to identify insider threat activity
- Perform security reviews, cyber defense trend analysis, and open-source research.
- Identify vulnerabilities in security architecture or controls; and recommended changes to resolve or mitigate risk of these vulnerabilities
- Analyze insider events to identify patterns and develop mitigation strategies
- Conduct open-source research about industry trends and developments in protecting company assets and countering Insider Threats
- Prepare timely written reports which summarize significant industry insider events to draw lessons which can be incorporated into the Insider Threat Program
- Assist in the development of policy, processes, procedures an associated metrics
- Produce and deliver insider threat awareness briefings, debriefings, and training activities.
Minimum Qualifications
- Bachelor’s degree in computer science, Cybersecurity, or related 4-year technical degree with 5 + years of experience in IT or cybersecurity, or equivalent combination of education and work experience
- Skill in collecting data from a variety of cyber defense resources and ability to interpret information collected to recognize threats
- Knowledge of DLP, UEBA, and logging applications; and skill tuning policies within these tools
- Knowledge of incident response and handling methodologies.
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of host/network access control mechanisms
- Knowledge of operating systems
- Knowledge of scripting languages
- Knowledge of cyber-attack stages and techniques used by malicious insiders
- Knowledge of security controls frameworks and ability to assess organizational security posture against these frameworks
- Skill in conducting trend analysis
We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.
Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1000 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 4,200 customers.
Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.
This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.
Some added perks….
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option
