Insider Threat Specialist/Engineer
Insider Threat Specialist
Job Number: 21-07351
Use your skills where innovative technology solutions begin. Eclaro is looking for an Insider Threat Specialist for our client in Austin, TX.
Eclaro’s client is a leading technology solutions provider, collaborating with customers to manage their needs and achieve success in their business goals. If you’re up to the challenge, then take a chance at this rewarding opportunity!
- The Insider Threat Specialist will provide day-to-day insider threat subject matter expert services for the enterprise and its customers.
- The specialist will focus on building out the insider threat program, including but not limited to tool deployments and investigations, using strong problem-solving skills, and must be able to communicate effectively with people at various levels to help leadership make timely and well-thought-out decisions.
- This role will work cross-functionally with their peers on other teams such as threat response, blue team, human resources, legal and privacy analysts.
- This role is considered a subject matter expert for insider threat detection and investigation
- Build and mature the insider threat program, detecting and investigating potential well-intentioned and malicious activities attributable to internal activities
- Evaluate client needs, coordinate design for an insider threat solution, and clearly communicate the value proposition of implementation
- Implement and/or assess existing detection and monitoring security controls
- Provide expert level knowledge of tools and technologies used for enterprise insider threat
- Hands-on analysis and insider threat investigations, including intelligence collection and forensics activities leveraging DLP, UBA, SIEM, EDR, and Mandiant proprietary tools
- Administer and respond to DLP alerts, providing tuning as needed in response to investigations
- Provide eDiscovery support for HR and Legal initiated investigations
- Experience building security programs to include hands-on implementation and/or assessment of security controls
- In-depth knowledge in collecting, analyzing, and investigating security incidents; responding to insider incidents, and/or collecting, analyzing, and disseminating insider threat intelligence
- Experience practicing extreme discretion while privy to highly sensitive information
- Experience using one or more cyber-forensic investigation tools (e.g. FTK, EnCase, F-Response)
- Expert-level experience using one or more Remote Monitoring and Management (RMM) tools (e.g. Teramind, NinjaRMM)
- Excellent written and verbal communication skills; to include report writing and presentation
- Quickly master, simplify, and communicate the value proposition of complex subjects to clients
- Use formal project management skills in planning, tracking, and reporting on project progress
- Familiarity with security bypasses and backdoors to security controls as investigation points
- Familiarity with cloud technologies such as VMware, Microsoft Azure and Amazon Web Services
- Minimum of 6+ years relevant cybersecurity experience
- Minimum of 3+ years in use and system administration of insider threat tools such as SIEM, DLP, and UBA
- Knowledge of insider threat tools and technologies used for enterprise security
- Law Enforcement (LE) background investigations experience is preferred, but not required
- Experience directly conducting and managing cyber-forensic investigations
- BS or AS in computer science plus 3 or more years of relevant work experience, or 6+ years' experience in cybersecurity without a degree
If interested, you may contact:
Tim Cusick | LinkedIn
Equal Opportunity Employer: Eclaro values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.