Insider Threat Analyst

Singapore, Singapore

Job Description

The insider threat analyst is responsible for researching, triaging, and investigating anomalous events of concern using behavior analytics tools, Splunk, and other tools to determine potential malicious or risky insider activity. This analyst role will come under the IT Risk and Security department, reporting to the Security Operations Manager.

Key Responsibilities:

  • Conduct investigations by analyzing and verifying information through various investigative techniques, internal resources, forensics, and insider threat tools such as Data Loss Prevention, Endpoint Detection and Response, and Database Access Monitoring controls.
  • Provide actionable insider threat analysis for remediation on all escalations.
  • Triage all insider threat alerts within SLA guidelines.
  • Collaborate with internal teams to drive continuous improvement of the insider threat program.
  • Assess and make recommendations for improvement and refinement of use cases, software tools, and other risk reduction methods used to improve the insider threat program.
  • Proven experience using analytical and data visualization tools to automate analysis and provide insights into large datasets, correlate them with SIEM and other sources of information, and investigate all traffic anomalies against established historical baselines to identify the root cause of an incident.
  • Stay current with the latest cyber threats, attacks, and vulnerabilities, and keep up to date with evolving and emerging attack techniques and methods.
  • Participate in various cybersecurity exercises such as Cyber Ranges and BCP.
  • Work on other project and task duties.

Qualifications:

  • Minimum of three (3) years of direct information security experience as an insider threat analyst, security engineer, or in a similar role, preferably with insider threat management experience in a financial institution environment.
  • Bachelor's degree in Computer Science or equivalent.
  • Candidates with team management experience will be given the opportunity to lead a team of insider threat analysts.
  • Hands-on experience with investigative and/or insider threat tools, such as UEBA, DLP, EDR, DAM, computer forensics, monitoring, Splunk, incident response, databases, or data visualization tools.
  • Understanding and/or working knowledge of insider threats in the Dark and Deep Web underground forums.
  • Strong practical experience in cyber security: framework, cyber kill chain, TTP, threat intelligence, malware triage.
  • Strong understanding of different attacks on systems, networks, and applications.
  • Relevant industry certifications such as Splunk certification, CERT, CFE, CFCE, CISSP, GCIH, SANS, GIAC.
  • Strong analytical skills; self-motivated, detail-oriented, and a team player.
  • Willing to learn and work in a collaborative manner with peers and team.
  • Good interpersonal and communication skills.
  • Able to work under pressure during critical situations.
  • A passion for information security and data security.

Job Detail

  • Job Id
    JD1186334
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type
    Full Time
  • Salary
    $72000 - 120000 per year
  • Employment Status
    Permanent
  • Job Location
    Singapore, Singapore
  • Education
    Not mentioned