Apply on Employer Site

Perham Health · 2 weeks ago

Insider Threat Information Systems Security – Senior Data Analyst

Arlington, VA

Full-time

Onsite

Senior Level, Lead/Staff

$88.07/hr - $88.07/hr

8+ years exp

Perham Health is seeking a Senior Data Analyst for Insider Threat Information Systems Security. This role involves analyzing, detecting, and mitigating insider threats within the organization's information systems, working closely with the Information Security team and other stakeholders to enhance cybersecurity measures.

Health CareHospitalMedicalRehabilitation

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Analyze internal data streams to identify and flag suspicious activities indicative of insider threats, including unusual user behaviors, data access patterns, and anomalies in system and network activity

Utilize advanced data analytics tools and machine learning techniques to proactively identify emerging threats and vulnerabilities from insiders

Develop, implement, and continuously improve insider threat detection methodologies, ensuring they align with current threat landscapes

Lead the investigation of potential insider threat incidents, collaborating with cross-functional teams to determine the root cause and impact of security breaches

Coordinate with IT security teams to execute appropriate containment and mitigation strategies during and after a security incident

Prepare detailed incident reports, summaries, and post-incident reviews, making actionable recommendations for future mitigation strategies

Conduct in-depth data analysis to generate actionable insights, trends, and reports on insider threat activities, ensuring accurate reporting to senior leadership

Utilize statistical analysis, pattern recognition, and data mining techniques to interpret complex data sets related to insider behavior

Prepare and present periodic status reports, threat analysis summaries, and risk assessments to stakeholders

Work closely with information security, risk management, and compliance teams to enhance the organization's cybersecurity posture

Share threat intelligence findings and best practices with colleagues and internal stakeholders to increase awareness and improve threat detection capabilities across the organization

Mentor and provide guidance to junior analysts on data analysis techniques, threat detection methodologies, and best practices

Contribute to the creation and review of policies, procedures, and guidelines for insider threat detection, prevention, and response

Assist in the development of employee awareness programs regarding insider threat risks and the importance of data protection

Ensure all insider threat activities and investigations comply with relevant laws, regulations, and industry standards

Participate in risk assessments and audits to ensure that insider threat controls meet compliance requirements and continuously improve organizational security

Qualification

Data analysisCybersecurityInsider threat detectionStatistical modeling toolsIncident responseCISSP certificationPythonSQLAnalytical thinkingCommunication skillsProblem-solving skillsProject management

Required

Citizenship required

Bachelor's degree in computer science, Information Systems, Cybersecurity, or a related field

Eight (8) years of related IT experience

Minimum of 5 years of experience in data analysis, with at least 2 years of specialized experience focusing on insider threat detection or information systems security

Proven experience in analyzing security logs, identifying anomalies, and investigating security incidents

Strong understanding of cybersecurity principles, including encryption, authentication, access control, and network security

Expertise in data analysis and statistical modeling tools (e.g., Python, R, SQL)

Experience with insider threat detection tools and platforms (e.g., SIEM, DLP, UEBA)

Strong knowledge of insider threat behaviors, tactics, and indicators

Ability to work with large datasets and manage complex data analysis projects

Strong analytical thinking and problem-solving skills, with the ability to identify patterns and provide actionable insights

Excellent communication and interpersonal skills, with the ability to present findings to technical and non-technical stakeholders

Ability to manage multiple projects and deadlines in a fast-paced environment

Current CISSP, CRISC, CISM, CISA, CEH, or DoD 8570 IAM III equivalent certifications

Position will be subject to a U.S. Government Security Investigation. Incumbents must possess or obtain/maintain minimum a TOP SECRET clearance with ability to obtain/maintain special access requirements (SCI)

Preferred

Department of State experience

Certified Information Systems Security Professional (CISSP)

ArcSight Certified Integrator/Administrator (ACIA)

ArcSight Certified Security Analyst (ACSA)

Microsoft Certified Systems Engineer (MCSE)

Microsoft Certified IT Professional (MCITP)

GIAC Certified Incident Handler (GCIH)

Certified Ethical Hacker (CEH)

Comp TIA Security+

SANS GIAC GCIA

Intrusion Analyst Certification or Forensics Analyst Certification

Certified Authorization Professional (CAP)

Microsoft Certified Solutions Associate (MCSA)

Microsoft Technology Associate (MTA)

Proficient with information system vulnerability assessment and analysis

Proficient with incident handling and electronic data discovery

Skilled in the correlation and analysis of events, designing, implementing, tuning, and using the ArcSight Security Information and Event Management (SIEM) tool to detect IT security incidents

Proficient in configuring and monitoring Intrusion Detection Systems (IDS) and reading, interpreting, and analyzing network traffic and related log files

Experience establishing or maintaining network software parameters used for insider threat analysis, g., ArcSight security authorization tables, configuration definitions, file access tables

Proficient detecting malicious insider threat activity

Experience analyzing and reporting information technology (IT) security alerts

Experience analyzing IDS alerts, system logs, and/or SQL and data warehousing

Skilled with Microsoft Windows operating environment and administration

Experience documenting threat reports, assessments, and briefings