Insider Threat Analyst

OVERVIEW:

This role is responsible for overseeing the design and implementation of comprehensive security strategies and capabilities to mitigate and manage insider threats (InT)/User Activity Monitoring (UAM). This individual will work closely with cybersecurity teams, other technical teams, and business stakeholders to maintain and advanced insider threat systems and procedures. The ideal candidate is a thought leader, advising on matters of technical architecture and design and providing guidance in the development of advanced systems to detect, prevent, and mitigate insider threats

GENERAL DUTIES:

• Advise Senior Government personnel GS 14 and above on security engineering best practices. Works closely with business and IT stakeholders to identify critical assets and potential threat vectors and evaluate and recommend security technologies to improve the organization's insider threat posture.
• Lead all relevant program & project team meetings in coordination with stakeholders. Drive process improvements and technology solutions that enhance team productivity and effectiveness.
• Review possible improvement actions to enhance the insider threat mission and ensure quality and consistency of team execution against targeted project initiatives.
• Anticipate internal and/or external business challenges and resistance and recommend solutions.
• Prepare and refine detailed work plans, schedules, project estimates, resource plans, and status reports.
• System Documentation: Accountable for all Insider Threat capability project management artifacts, for a select number of projects, including but not limited to project plans, scoping documents, weekly status updates and the weekly team meeting agenda.
• Security Control Implementation: Design, implement, and configure security controls within Insider Threat information systems to meet RMF requirements.
• Has experience completing DISA STIG reviews. This includes access controls, encryption mechanisms, intrusion detection/prevention systems, firewalls, and other security technologies as applicable.
• System Security Architecture Design: Develop system security architectures that align with RMF principles and guidelines.
• Ensure that security controls are integrated seamlessly into InT system designs to provide comprehensive protection against threats and vulnerabilities.
• Vulnerability Management: Manage the vulnerability assessment process to identify, prioritize, and remediate security vulnerabilities within the InT information systems.
• Utilize vulnerability scanning tools, penetration testing, and patch management processes to maintain a secure posture.
• Security Configuration Management: Ensure that security configurations for the InT systems, applications, and network devices adhere to RMF requirements and best practices. Implement security baselines, hardening guidelines, and secure configuration standards to reduce attack surfaces.
• Assist cyber security tools engineers with configuration whitelisting to prevent performance impacts and conflicts between tools.
• Security Monitoring and Incident Response: Implement security monitoring tools and technologies to detect and respond to security incidents in real-time. Develop and execute incident response plans to contain, mitigate, and recover from security breaches or cyberattacks.
• Encryption and Data Protection: Implement encryption mechanisms to protect sensitive data at rest, in transit, and in use. Utilize encryption algorithms, key management practices, and cryptographic controls to ensure the confidentiality and integrity of information.
• Access Control Management: Manage user access rights and permissions for InT systems, applications, and data in accordance with RMF guidelines. Implement access control mechanisms such as role-based access control (RBAC), multi-factor authentication (MFA), and least privilege principles.
• Security Documentation and Reporting: Maintain documentation of security controls, policies, procedures, and technical configurations in compliance with RMF requirements. Generate security assessment reports, risk assessments, and authorization packages for system accreditation.
• Security Compliance Auditing: Conduct internal and external security audits to assess compliance with RMF requirements, regulatory standards, and organizational policies. Address audit findings and implement corrective actions to maintain compliance.

REQUIRED QUALIFICATIONS:

• Experience: 12 years of related experience or the equivalent combination of processional support, education, or professional training.
• Skills: Strong Independent work ethic and Emotional Intelligence, exceptional oral and written communication skills, and the ability to work unsupervised or within a team environment.
• Experience with large scale analytics platform system integration and guiding said systems through the RMF process. Database and Web application experience is also desired. Preferred experience with briefing Senior Executive personnel.
• Degree Requirements (if applicable) Master's degree from an accredited institute in an area applicable to the position in Cybersecurity, Computer Science, Information Systems, or a related discipline.
• Certification Requirements (if applicable) Certification in DoD 8570.01-M Cybersecurity workforce, compliance with DoD Directive 8140 Cyberspace Workforce Management, and IAT Level III (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP).

CLEARANCE:

• Top Secret minimum