Cybersecurity Analyst

About the Firm:

We are a leading global investment firm and aim to help endowments & foundations, pension plans, and high net worth private clients implement and manage custom investment portfolios that generate outperformance and enable them to maximize their impact on the world. Working alongside its early clients, Cambridge Associates pioneered the strategy of high-equity orientation and broad diversification, which since its inception in the 1980s has been a primary driver of performance for institutional investors. Today, we deliver a range of portfolio management services, including outsourced CIO, non-discretionary portfolio management, investment staff extension, and asset class mandates. Cambridge Associates maintains offices in major financial centers across the globe, with headquarters in Boston, MA.

Working with some of the world’s most sophisticated institutional investors, we bring a deep knowledge of portfolio management best practices to the clients we serve and select our colleagues with great attention to their potential to become a valuable member of a collaborative, intelligent and hard-working team.

About the Team:

CA maintains an information security program which sets the policies for accessing, collecting, storing, using, transmitting and protecting electronic, paper and other records.  The purpose of this program is to establish administrative, technical, and physical safeguards to protect information that is owned, licensed, stored or maintained by CA.  The Chief Information Security Officer (CISO) oversees the program with the support of a dedicated team of information security professionals.

Cambridge Associates seeks an Insider Risk Analyst to join its Cyber Security team. The position is responsible for supporting the efforts of Cambridge Associate’s core Insider Risk team to assess, monitor, and mitigate security risks associated with the actions of corporate insiders (employees and contractors).   The primary role of the analyst is to mature the technical capabilities of the Insider Risk program and to support day-to-day monitoring activities, conducting analysis, providing assessments of known insider threats and vulnerabilities discovered, and identifying policy violations.

The position provides an opportunity to build on prior experience with enterprise information systems analysis as well as cyber security and data protection. As a member of the firm’s Cyber Security team the Analyst is expected to contribute to the day-to-day administration of the firm’s security program, as well as its future design and development.

What You’ll Do:

·         Support implementation of insider threat detection and prevention controls, incorporating aspects of human reporting, the automated identification of anomalous behaviors (user behavior analytics), the identification of contextual risk indicators, and the classification of high-risk users.

·         Monitor for and detect potential insider threats using the established detection regime.

·         Identify opportunities to correlate data across multiple sources to identify activity which has a strong probability of indicating an insider threat.

·         Aid in the coordination of insider threat investigations from detection through resolution.

·         Collaborate with the security incident response team, and other technical teams for security incident remediation and communication.

·         Document insider risk governance policies and procedures.

·         Assist with the implementation of the firm’s data classification and labeling efforts.

·         Assist with the implementation of a case management solution.

·         Assist with planning and execution of insider risk training.

·         Develop a comprehensive understanding of Cambridge Associates business practices as it relates to the construction and flow of structured and unstructured data.

·         Analyze normal data usage patterns, including business process analysis, user behavior analysis, and user personas.

·         Participate in the ongoing monitoring of potential data loss.

·         Assist with the implementation and usage of data loss prevention and event monitoring tools, including CASB, DLP, SIEM and EDR.

·         Develop a high-level of trust with stakeholders to ensure on-going commitment.

·         Foster a team environment, open to communication and collaboration

Required Qualifications:

·         Experience in a role requiring application of analytic skills as an analyst, ideally in an information systems or cybersecurity setting.

·         Experience with conducting data analysis on large data sets

·         Knowledge of computer networking and network-based information assurance devices

·         Knowledge of, and experience with cloud-based information systems (e.g. Amazon Web Services, Microsoft Azure/Office 365, Salesforce, SharePoint, Box, Dynamics)

·         Experience developing and presenting, orally and in writing, technical information to non-technical audiences and clients.

·         Bachelor’s degree, preferably in a technical, scientific, or analytical discipline.

·         Candidates must be eligible to work in the US without sponsorship.

 Preferred Qualifications

·         Cybersecurity training and certification (e.g., Security+, SSCP, GSEC)

·         Demonstrable knowledge of, and experience with Cybersecurity programs in a professional setting.

·         1+ years’ experience with SQL, KQL and/or a programming language such as Python or Java.

·         1+ years’ experience with the investment management and/or the investment services industry.

Equal Opportunity Employment:

The firm is committed to the concept and practice of equal employment opportunity and will not discriminate against any employee or applicant on the basis of race, color, religion, age, sex, national origin, sexual orientation, gender identity, disability, or veteran status. It is expected that all employees will follow a similar policy toward their co-workers