Apply on Employer Site

Arlo Solutions · 3 months ago

(589) Insider Threat Program Analyst

Silver Spring, MD

Full-time

Onsite

Mid, Senior Level

5+ years exp

Arlo Solutions is an information technology consulting services company specializing in delivering technology solutions. They are seeking an Insider Threat Program Analyst to support NOAA's Internal Risk Management Program by designing and implementing insider threat detection and mitigation capabilities. The role involves developing policies, analyzing security data, and coordinating with stakeholders to protect sensitive information and ensure compliance with regulations.

Cyber SecurityInformation TechnologyManagement Consulting

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Support development and implementation of a comprehensive Internal Risk Management Program (IRMP) that detects, deters, and responds to insider threats across NOAA’s workforce, including employees, contractors, and uniformed personnel

Assist with crafting and maintaining internal risk/insider threat policies, procedures, and governance artifacts; ensure alignment with federal directives and NOAA policy

Consolidate and analyze security data from multiple sources (e.g., cybersecurity telemetry/SIEM, User Access Management (UAM), Human Resources (HR), physical access, case management, and lawful external data) into a cohesive risk picture that provides actionable insights to leadership

Develop analytic methods and behavioral indicators; produce dashboards and routine analytical products to inform risk prioritization and mitigation activities

Monitor system integration performance and data quality; recommend improvements to achieve target integration milestones and performance metrics

Execute insider threat reporting and response procedures; triage, document, and track matters in the IRMP HUB case management tools; coordinate formal referrals and follow-up actions

Support insider threat incident investigations, response, and mitigation; document timelines, actions, lessons learned, and protocol adjustments

Meet timeliness standards for incident documentation and reporting (e.g., initial reporting within three business days) and ensure evidence handling aligns with applicable policy

Develop and deliver insider threat and internal risk training and awareness content; assess training effectiveness via post-training surveys and performance metrics

Drive adoption of best practices to embed a proactive, ethical, and privacy-aware internal risk culture across NOAA; tailor content to roles and mission contexts

Maintain training artifacts and schedules; recommend continuous improvement actions based on feedback and outcomes

Support development and implementation of research security protocols and compliance measures to protect sensitive research and deter foreign interference

Assist with assessments, gap analyses, and corrective action planning to achieve and sustain compliance with NSPM-33 and related standards

Coordinate with internal stakeholders (e.g., Cybersecurity Division, HR, Legal/Privacy/Civil Liberties, Research Security, Security Management) and external partners (e.g., NITTF, SEI CERT)

Document stakeholder engagements, action items, and outcomes; track completion and effectiveness

Develop and maintain program artifacts and deliverables, which may include: Risk Mitigation Strategy documents; Research Security Compliance Reports; Training & Awareness Program Reports; Insider Threat Detection System Status Reports; Incident Response and Mitigation Reports; Risk Management dashboards/tools updated at least weekly; Policy and SOP updates; Stakeholder Engagement Reports; and annual/final program evaluations

Ensure products are accurate, clear, Section 508 compliant, and aligned to acceptance criteria and performance standards

Identify, track, and mitigate program and operational risks, including integration, privacy, and workforce continuity risks; propose practical workarounds and improvements

Support development and maintenance of dependencies, milestones, resource plans, and tracking mechanisms to keep the roadmap on schedule

Adhere to NISPOM, Privacy Act, CUI handling, civil liberties protections, and NOAA security policies; safeguard CNSI and CUI per contract requirements

Maintain required security training and certifications

Qualification

Insider Threat AnalysisSecurity Data AnalysisRisk AssessmentIncident ResponseData AnalyticsTraining DevelopmentStakeholder EngagementCompliance KnowledgeEthics ComplianceWritten CommunicationOral CommunicationCollaboration

Required

Must be a U.S. Citizen

Active Top Secret security clearance with SCI eligibility (SCI access preferred); ability to maintain eligibility throughout performance

Bachelor's degree in cybersecurity, information systems, intelligence/counterintelligence, behavioral science, criminology, data analytics, or a related field; equivalent experience may be considered

Five (5) or more years of experience in insider threat, internal risk, counterintelligence, security operations, or cyber analytics within federal, defense, or research environments

Demonstrated experience consolidating and analyzing multi-source security data (e.g., SIEM/UAM/HR/physical access); proficiency with dashboards and analytics (e.g., Smartsheet, Tableau, Power BI, Google Workspace)

Hands-on experience with insider threat/IRMP case management, incident response, and formal referral processes; strong documentation and chain-of-custody practices

Knowledge of and experience applying NITTF Minimum Standards, EO 13587, NSPM-33, NISPOM, FISMA, NIST standards (e.g., SP 800-53, 800-171), and CUI handling requirements

Experience developing and delivering training and awareness programs; ability to measure training effectiveness and drive continuous improvement

Strong written and oral communication skills; demonstrated ability to brief leadership and produce high-quality, timely reports and deliverables

Proven ability to collaborate with cross-functional stakeholders (Cybersecurity, HR, Legal/Privacy, Research Security, Security Management) and external partners (e.g., NITTF, SEI CERT)

Commitment to privacy, civil liberties, ethics, and Section 508 compliance in all program artifacts

Preferred

NITTF Insider Threat Program personnel training/certification

Relevant professional certifications (e.g., CISSP, Security+, CEH, GCIH, GCFE, CISM, CCSP)

Experience supporting research security and NSPM-33 implementation within a federal research environment

Experience with User and Entity Behavior Analytics/User Activity Monitoring (UEBA/UAM) solutions, SIEM platforms (e.g., Splunk), and case management systems; familiarity with SIPRNet/secure enclaves

Data analytics skills (e.g., SQL, Python) and experience building automated dashboards and metrics

Familiarity with CMU SEI CERT insider threat best practices and NOAA mission context

Experience producing program roadmaps, risk registers, and accepted program documentation under federal QASP/QASP-like surveillance