Senior Insider Threat Analyst
Vienna, VA

Job Description

Email Job Description

Employee Perks

Why You Will Love Being Part of the Navy Federal Team:

* Competitive compensation with opportunities for annual raises, promotions, and bonus potential
* Best-in-Class Benefits! (7% 401k match / Pension plan / Tuition reimbursement / Great insurance options)
* On-site amenities include fitness center, wellness center, cafeteria, etc. at Pensacola, FL; Vienna, VA and Winchester, VA campuses
* Consistently Awarded Top Workplace
* Nationally recognized training department by TRAINING Magazine
* An employee-focused, diverse, and service-oriented workplace environment

Basic Purpose

Navy Federal's Cybersecurity Operations team is a dedicated group of information security experts committed to protecting the credit union from cyber-based threats. We are looking for an experienced Senior Insider Threat Analyst to provide expert analytic support to the Information Security division.

Your primary role will be helping develop, implement, and evaluate procedures for aggregating, processing, analyzing, and reporting on potential insider threat activities. You will also support cyber threat intelligence and countermeasure efforts. You will investigate alerts, trends, or anomalies from data or in response to stakeholder inquiries using system/network monitor tools.

Join us and be part of a team that encourages personal development and promotes transparency and cross-team development.

Responsibilities:

Primary

* Assist the Insider Threat Program (ITP) lead in defining technical and operational requirements related to potential insider threat issues
* Assist the ITP lead in :

o identifying and assessing security visibility over technical and user data

o identifying operational gaps, process deficiencies, and automation requests

o continuously developing insider threat risk models and investigative techniques

* Champion red-team and tabletop exercises regarding insider threat behaviors
* Provide in-depth analysis of investigative leads and recommended courses of action
* Assist in developing insider threat-centric training and awareness for various audiences
* Develop aggregation, processing, and analytic standards regarding review of vendor/contract access to organizational network resources
* Present findings to senior leaders, stakeholders, and working groups
* Evaluate business processes for potential opportunities for insider exploitation

Secondary

* Support the daily operations of the ITP:

o Triage and review

o Threat hunting

o Case management

* Develop and refine case intake sources, procedures, and output
* Liaise with various business units regarding insider threat awareness, critical asset/access concerns, and reporting requirements
* Effectively gather, accurately record, and appropriately communicate incident details
* Participate in reviewing information security incidents and determining root cause, highlighting control, process, and contributing security gaps
* Complete and evaluate metrics for management reporting
* Contribute to the team's outreach and engagement strategy

Qualifications:

Target

* Strong case management skills
* Excellent communication skills-oral and written
* Experience working in an investigative capacity, preferably dealing with insider threat issues
* Strong understanding of:

o insider threat behaviors, correlations, and data requirements

o investigative processes, confidentiality, and evidence handling

o insider threats relative to financial services

o behavioral analytics (theory, application, and analysis)

o the relationship between insider threat and incident response

* Proficiency in :

o Data loss prevention

o Security information and event management

o Endpoint detection and response

o File and database activity

o User and entity behavioral analytics

* Ability to develop and track security metrics (performance/effectiveness)
* Ability to handle sensitive situations with discretion and employ high ethical standards

Desired

* Counterintelligence investigations experience
* Security certifications (CEH, Security +, CISSP, etc)

Hours:

Flexible hours within a set of core hours

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability