Sr Engineer, Cyber Insider Threat - Network Activity Logs - Remote

Company: Molina Healthcare

The Senior Engineer, Insider Threat will implement cyber intelligence (CyInt) collection, compilation, and analysis for the insider threat program. This role involves developing and supporting insider threat systems, working closely with cybersecurity teams, analysts, and stakeholders to enhance threat detection capabilities.

1. Lead the design, development, and implementation of insider threat monitoring and detection strategies.
2. Collaborate with cybersecurity analysts and engineers to develop monitoring capabilities.
3. Analyze logs from various data sources to identify potential threats.
4. Automate investigation and escalation workflows.
5. Support internal investigations with forensic analysis and log review.
6. Develop insider risk techniques and procedures, including use cases for data exfiltration, fraud, privilege escalation, and sabotage.
7. Evaluate and improve existing technical solutions for insider threat detection.
8. Guide the technical architecture of insider threat systems to align with organizational goals.
9. Publish threat intelligence products and briefings for stakeholders.
10. Define security controls and metrics to measure program effectiveness.
11. Stay updated on emerging insider threat trends and update strategies accordingly.
12. Ensure compliance with policies and regulations through stakeholder coordination.

1. Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field.
2. Expertise in cybersecurity and insider threat concepts, protocols, and tools.
3. Experience with UEBA deployment, data source integration, and configuration.
4. Strong knowledge of data protection and privacy regulations.
5. At least 6 years of experience in cybersecurity, DLP, Security Operations, or related fields.
6. Experience leading technical investigations using insider threat tools.
7. Ability to manage confidential matters professionally.
8. Proficiency with data analytics tools for insider threat information collection.
9. Experience developing and implementing controls around various operating systems and SaaS applications.
10. Proficiency in automating workflows and integrating security tools.

1. Experience with UEBA/SIEMs and EDR tools.
2. Experience with insider threat investigations and broad system forensics.
3. Ability to communicate technical concerns to non-technical audiences.
4. Experience with insider threat tools such as Red Vector, Code42, Exabeam, DTEX.
5. Familiarity with cybersecurity fundamentals, networking, and data exfiltration methods.
6. Experience with analysis tools like Excel or SQL, and developing PowerPoint presentations.
7. Relevant security certifications (e.g., Security+, CISSP, CISM, CEH).

Salary Range: $80,412 - $188,164 annually.