Sr Engineer, Cyber Insider Threat - Network Activity Logs - Remote

Lensa

Augusta (GA)

Remote

USD 80,000 - 189,000

Full time

2 days ago

Job summary

An established industry player is seeking a Senior Engineer for Cyber Insider Threat focusing on network activity logs. This remote role involves implementing and analyzing cyber intelligence for insider threat programs. The ideal candidate will lead the development of monitoring strategies, collaborate with cybersecurity teams, and utilize advanced data analytics to enhance threat detection. With a commitment to proactive security measures, this position offers the opportunity to make a significant impact on organizational safety. Join a forward-thinking company dedicated to innovation and excellence in cybersecurity.

Qualifications

  • 6+ years of experience in cybersecurity, DLP, or related fields.
  • Expertise in insider threat concepts and cybersecurity protocols.
  • Proficient in programming languages and data analytics tools.

Responsibilities

  • Lead the design and implementation of insider threat detection strategies.
  • Collaborate with teams to develop monitoring capabilities.
  • Conduct forensic analysis and support internal investigations.

Skills

Cybersecurity
Insider Threat Concepts
Data Protection Regulations
Programming Languages (Java, Python, .NET)
Data Analytics
Leadership
Communication Skills

Education

Bachelor’s degree in Computer Science
Relevant Certifications (Security+, CISSP)

Tools

UEBA
DLP
SIEM
PowerShell
SQL
Excel
Red Vector
Exabeam

Job description

Lensa is the leading career site for job seekers at every stage of their career. Our client, Molina Healthcare, is seeking professionals. Apply via Lensa today!

Job Summary

The Sr Engineer, Insider Threat, will implement cyber intelligence (CyInt) collection, compilation, and analysis for the insider threat program. Responsibilities include implementing data sets, tools, and supporting insider threat analysts and investigations. The role requires close collaboration with cybersecurity teams, technical teams, and business stakeholders to develop advanced insider threat systems and processes.

Job Duties
  • Lead the design, development, and implementation of a comprehensive insider threat monitoring and detection strategy integrating technical and non-technical components.
  • Collaborate with cybersecurity analysts, engineers, and other stakeholders to develop and refine monitoring capabilities.
  • Correlate information from multiple sources such as user activity monitoring (UAM), user entity behavior analytics (UEBA), data loss prevention (DLP), SIEM, and non-technical data sources to enable proactive threat detection.
  • Utilize cybersecurity expertise and data analytics to create strategies for detecting and preventing malicious activities.
  • Conduct in-depth analysis of logs from various data sources.
  • Architect and automate investigation and escalation workflows.
  • Support internal investigations through forensic analysis, log review, and alert analysis.
  • Test internal security mechanisms to validate effectiveness.
  • Develop and maintain insider risk techniques and procedures, including use cases like data exfiltration, internal fraud, privilege escalations, and sabotage.
  • Evaluate and improve existing solutions for threat detection and response.
  • Guide the technical architecture of insider threat systems aligning with organizational goals.
  • Publish threat intelligence products and briefings for stakeholders.
  • Define security controls and metrics to measure program effectiveness.
  • Stay updated on emerging insider threat trends and adapt strategies accordingly.
  • Coordinate with stakeholders to ensure policy and regulatory compliance.
Job Qualifications
REQUIRED QUALIFICATIONS:
  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or equivalent experience.
  • Expertise in cybersecurity and insider threat concepts, protocols, and tools.
  • Experience with UEBA deployment, administration, and data source integration.
  • Strong knowledge of data protection and privacy regulations.
  • Proficiency in programming or scripting languages such as Java, Python, .NET, JavaScript, or C+.
  • Experience with scripting languages like PowerShell, Perl, or Bash.
  • Excellent leadership, communication, and presentation skills.
  • Minimum 6 years of experience in cybersecurity, DLP, Security Operations, investigative analysis, or related fields.
  • Experience leading or conducting technical investigations using insider threat tools.
  • Ability to handle confidential matters with appropriate judgment.
  • Experience with data analytics tools for insider threat information collection and risk scoring.
  • Proactive engineer capable of autonomous work and complex project ownership.
  • Experience developing and implementing controls across Windows, macOS, Linux, and SaaS applications.
  • Skill in automating workflows and integrating security tools within IT environments.
Preferred Qualifications
  • Experience with UEBA/SIEMs, EDR tools, device management, and telemetry sources.
  • Experience working on insider threat teams or investigations.
  • Knowledge of broad system forensics.
  • Ability to communicate technical security issues to non-technical audiences.
  • Experience with insider threat tools like Red Vector, Code42, Exabeam, DTEX.
  • Experience handling confidential/sensitive information.
  • Familiarity with cybersecurity fundamentals, networking, digital forensics, and data exfiltration methods.
  • Proficiency with Excel or SQL for data analysis.
  • Experience developing PowerPoint presentations.
  • Relevant certifications such as Security+, CISSP, CISM, CERT Insider Threat, CEH.

Pay Range: $80,412 - $188,164 / ANNUAL

  • Actual compensation varies based on location, experience, education, and skills.
Additional Details
  • Seniority level: Mid-Senior
  • Employment type: Full-time
  • Job function: Engineering and IT
  • Industries: IT Services and Consulting
