Sr Engineer, Cyber Insider Threat - Network Activity Logs - Remote

This job description provides a comprehensive overview of the role, responsibilities, qualifications, and preferred skills. However, it contains some redundant elements and irrelevant sections, such as repeated job titles and unrelated job postings, which could be removed for clarity and focus. Additionally, the formatting can be improved for better readability by structuring the content more clearly and removing unnecessary repetitions.

Below is a refined version that maintains all essential information while enhancing clarity and focus:

Job Summary

The Sr Engineer, Insider Threat will implement cyber intelligence (CyInt) collection, compilation, and analysis for the insider threat program. This role involves developing data sets, tools, and providing support to insider threat analysts and investigations. The engineer will collaborate closely with cybersecurity teams, technical units, and business stakeholders to develop advanced insider threat systems and processes.

Job Duties

• Design, develop, and implement a comprehensive insider threat monitoring and detection strategy.
• Collaborate with cybersecurity analysts and engineers to refine monitoring capabilities.
• Correlate information from various technical and non-technical sources to enable proactive threat detection.
• Utilize cybersecurity expertise and data analytics to create innovative detection strategies.
• Analyze logs from multiple data sources.
• Automate investigation and escalation workflows.
• Support internal investigations, including forensic analysis and log review.
• Test security mechanisms for effectiveness.
• Develop insider risk techniques and use cases related to data exfiltration, fraud, privilege escalation, and sabotage.
• Evaluate and improve existing detection solutions.
• Guide the technical architecture of insider threat systems.
• Publish threat intelligence products and brief stakeholders.
• Define security controls and metrics to measure program effectiveness.
• Stay updated on emerging insider threat trends.
• Coordinate with stakeholders to ensure policy compliance.

Qualifications

Required:

• Bachelor’s degree in Computer Science, Cybersecurity, or related field or equivalent experience.
• Expertise in cybersecurity and insider threat concepts, tools, and protocols.
• Experience with UEBA deployment and data source integrations.
• Knowledge of data protection and privacy regulations.
• Proficiency in programming/scripting languages such as Python, PowerShell, Perl, or Bash.
• At least 6 years of experience in cybersecurity, investigations, or related fields.
• Experience leading technical investigations and managing confidential information.
• Knowledge of data analytics tools for insider threat detection.
• Ability to work autonomously and own complex projects.
• Experience with security controls across various operating systems and SaaS applications.

Preferred:

• Experience with UEBA/SIEM tools, EDR, and forensic analysis.
• Experience communicating technical issues to non-technical audiences.
• Familiarity with cybersecurity fundamentals, networking, and data exfiltration techniques.
• Skills in analyzing datasets using Excel or SQL and developing presentations.
• Relevant security certifications such as CISSP, CISM, or CEH.

Additional Details

• Pay Range: $80,412 - $188,164 annually.
• Senior level, full-time position in IT/Engineering within the IT Services and Consulting industry.