3-5 years of DevOp or DevSecOP Experience, 1-2 year of experience doing capability development for cyber security or insider threat
Oversee design, development, maintenance and support of our pipelines, which support our Continuous Integration and Deployment of Insider related Capabilities for Detection and prevention
Perform Threat-modeling & risk analysis based on direct interaction with investigators, analysts, and available data for all business segments
Provide training and assistance with playbook development for emerging threats and their related detections
Work with stakeholders to define and drive continuous improvements in policies, procedures, and technical controls related to the Insider Threat Program
Experience with User and Entity Behavior Analytics (UEBA), Security Information Event Management (SIEM), and Data Loss Prevention (DLP) principles
Knowledge of NIST Cyber Security Framework, computer forensics, incident response, threat-informed defense approaches, the MITRE ATT&CK framework, and cyber security principles.
Experience with scripting languages like Python
Experience with infrastructure as code languages like Terraform
Preferred Qualifications
3-5 years of DevOp or DevSecOP Experience, 2-3 year of experience doing capability development for cyber security or insider threat, law enforcement background preferred
Oversee design, development, maintenance and support of our pipelines, which support our Continuous Integration and Deployment of Insider related Capabilities for Detection and prevention
Perform Threat-modeling & risk analysis based on direct interaction with investigators, analysts, and available data for all business segments
Provide training and assistance with playbook development for emerging threats and their related detections
Subject Matter Expert in infrastructure, development, operations, security and quality assurance, with proven experience with DevOps and Agile practices.
Work with stakeholders to define and drive continuous improvements in policies, procedures, and technical controls related to the Insider Threat Program
Experience with User and Entity Behavior Analytics (UEBA), Security Information Event Management (SIEM), and Data Loss Prevention (DLP) principles
Knowledge of computer forensics, incident response, threat-informed defense approaches, the MITRE ATT&CK framework, and cyber security principles.
Experience with security technologies, such as EDR, DLP, CASB, UEBA, SIEM, IPS/IDS, PAM
Experience with cross cutting technology stacks that include both on-prem(VMware) and cloud resources (AWS, GCP, AZURE, Oracle Cloud)
Certifications- CERT ITPM, GCFA, CFCE, CFI, CFSR, or Similar Credentials
GCP, AWS, and Azure Professional Experience with certification
Experience with scripting languages like Python, Perl, Bash, or Powershell
Experience with infrastructure as code languages like Terraform, Ansible, Puppet
Experience making remediation recommendations based on industry practice surrounding PCI, SOX, PHI, PII, GDPR, GLBA, and NIST CyberSecurity Framework
Desired Skills & Capabilities
Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible
Strong agile development background with experience supporting cyber security or insider threat operations
Excellent judgment and the ability to make quick decisions when working with complex situations
AWS Experience in an IaC environment,
CI/CD GitOps experience (Jenkins, Terraform)
Understand insider tactics, techniques and procedures(TTP) to aid in discovery and analysis
High degree of integrity, trustworthiness and confidence; represents the company and its management team with the highest level of professionalism.
Performing data analysis to discover insider TTP reactively to alerting
Insider Threat Program Management and Development based on evolving threats and business operating environments
Conduct proactive data discovery for new trends among possible insider threat actors
Developing Detections and Alertings for Insider Activity across SIEM and UEBA Controls
Developing capabilities across complex technology stacks consisting of a blend of components ranging from IAAS, PAAS, FAAS, SAAS across multiple cloud providers
Proficient use of scripting with one or more programming language including Python, PowerShell, JavaScript and Bash.
Proficient use of scripting with one or more programming infrastructure as a code languages including Terraform, Kubernete Manifests, Ansible, Puppet
