Pueo Business Solutions LLC · 4 hours ago
Insider Threat Analyst
Responsibilities
Advise Senior Government personnel GS 14 and above on security engineering best practices. Work closely with business and IT stakeholders to identify critical assets and potential threat vectors, and evaluate and recommend security technologies to improve the organization's insider threat posture.
Lead all relevant program & project team meetings in coordination with stakeholders. Drive process improvements and technology solutions that enhance team productivity and effectiveness.
Review possible improvement actions to enhance the insider threat mission and ensure quality and consistency of team execution against targeted project initiatives.
Anticipate internal and/or external business challenges and resistance and recommend solutions.
Prepare and refine detailed work plans, schedules, project estimates, resource plans, and status reports.
System Documentation: Accountable for all Insider Threat capability project management artifacts, for a select number of projects, including but not limited to project plans, scoping documents, weekly status updates and the weekly team meeting agenda.
Security Control Implementation: Design, implement, and configure security controls within Insider Threat information systems to meet RMF requirements.
Has experience completing DISA STIG reviews. This includes access controls, encryption mechanisms, intrusion detection/prevention systems, firewalls, and other security technologies as applicable.
System Security Architecture Design: Develop system security architectures that align with RMF principles and guidelines.
Ensure that security controls are integrated seamlessly into InT system designs to provide comprehensive protection against threats and vulnerabilities.
Vulnerability Management: Manage the vulnerability assessment process to identify, prioritize, and remediate security vulnerabilities within the InT information systems.
Utilize vulnerability scanning tools, penetration testing, and patch management processes to maintain a secure posture.
Security Configuration Management: Ensure that security configurations for the InT systems, applications, and network devices adhere to RMF requirements and best practices. Implement security baselines, hardening guidelines, and secure configuration standards to reduce attack surfaces.
Assist cyber security tools engineers with configuration whitelisting to prevent performance impacts and conflicts between tools.
Security Monitoring and Incident Response: Implement security monitoring tools and technologies to detect and respond to security incidents in real-time. Develop and execute incident response plans to contain, mitigate, and recover from security breaches or cyberattacks.
Encryption and Data Protection: Implement encryption mechanisms to protect sensitive data at rest, in transit, and in use. Utilize encryption algorithms, key management practices, and cryptographic controls to ensure the confidentiality and integrity of information.
Access Control Management: Manage user access rights and permissions for InT systems, applications, and data in accordance with RMF guidelines. Implement access control mechanisms such as role-based access control (RBAC), multi-factor authentication (MFA), and least privilege principles.
Security Documentation and Reporting: Maintain documentation of security controls, policies, procedures, and technical configurations in compliance with RMF requirements. Generate security assessment reports, risk assessments, and authorization packages for system accreditation.
Security Compliance Auditing: Conduct internal and external security audits to assess compliance with RMF requirements, regulatory standards, and organizational policies. Address audit findings and implement corrective actions to maintain compliance.
Qualification
Required
12 years of related experience or the equivalent combination of professional support, education, or professional training.
Strong independent work ethic and emotional intelligence.
Exceptional oral and written communication skills.
Ability to work unsupervised or within a team environment.
Experience with large scale analytics platform system integration and guiding said systems through the RMF process.
Database and Web application experience is also desired.
Master's degree from an accredited institute in an area applicable to the position in Cybersecurity, Computer Science, Information Systems, or a related discipline.
Certification in DoD 8570.01-M Cybersecurity workforce, compliance with DoD Directive 8140 Cyberspace Workforce Management, and IAT Level III (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP).
Top Secret minimum clearance.
Preferred
Preferred experience with briefing Senior Executive personnel.
Company
Pueo Business Solutions LLC
Capabilities
Our portfolio of innovative Day-1 tools allows us to deliver immediate value while helping our customers better understand their technology needs, without additional costs, licenses, or system accreditation dependencies.