Must-haves
- Bachelor’s degree and 5 years of relevant experience OR Master’s and 3 years (IT/Cybersecurity related preferred)
- Experience using one or more Cybersecurity Asset Management tools such as: Axonius, Forescout, Qualys AssetView, Tanium
- Experience using one or more Security Information and Event Management (SIEM) tools: Splunk Enterprise Security, LogRhythm, AlienVault, Microsoft Sentinel, Securonix, RSA NetWitness, Graylog, McAfee Enterprise Security Manager (ESM), ArcSight, QRadar
- Experience using one or more Endpoint Detection and Response (EDR) tools: CrowdStrike Falcon, Carbon Black (VMware), Microsoft Defender for Endpoint, SentinelOne, Symantec Endpoint Detection and Response
- Experience with Code42 Incydr, DTEX, Fulcrum or a similar insider threat tool
- Ability to complete identified Insider Threat Program training requirements prior to obtaining access to Insider Threat Program information.
- Excellent written and verbal communication skills.
- One or more basic cybersecurity certifications such as: Certified Ethical Hacker (CEH), PenTest+, Certified Threat Intelligence Analyst (CTIA), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH) or equivalent.
Plusses
- Active Secret Clearance
- Master’s degree
- Splunk applications, tools, and add-ons, including ES and SOAR
- Experience using open-source intelligence (OSINT) tools and data sources in the execution of insider threat inquiries and investigations such as: Maltego, Shodan, SpiderFoot, Recon-ng, Amass, Google Dorks, Metagoofil, Censys, etc.
- One or more advanced cybersecurity certifications such as: Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent.
- Global Counter Insider Threat Professional (GCITP), Insider Threat Program Manager Professional (ITPM), or Insider Risk Management Measures of Effectiveness certifications (IRM-MoE).
Day-to-Day
An Insight Global Client is looking for an Insider Threat Cybersecurity Analyst to join their team on a contract with the potential to be hired on permanently.
The Insider Threat Cybersecurity Specialist will play an integral role in supporting the identification of potential and/or actual insider threat behaviors. The ideal candidate for this role is an insider threat focused cybersecurity subject matter expert who can use a variety of tools and sources to support incident response, inquiries, and investigations. The Insider Threat Cybersecurity Specialist will work closely with the Cybersecurity Department Director, Information Security Operations Center (ISOC), and the Insider Threat Program Senior Official (ITPSO) and team.
This position has been designated as hybrid, and work will be performed in the Atlanta, GA metropolitan area within the Eastern Time (ET) Zone.
Compensation:
Contract: $50/hr to $71/hr (Exact compensation may vary based on several factors, including skills, experience, and education.)