insider threat cybersecurity specialist - secret clearance.
atlanta, georgia
posted august 11, 2024
job details
summary
$50 - $69 per hour
contract
bachelor degree
category computer and mathematical occupations
reference 1061561
job summary:
As part of the Information and Cybersecurity Department (ICD), the Insider Threat Cybersecurity Specialist will play an integral role in supporting the identification of potential and/or actual insider threat behaviors. The ideal candidate for this role is an insider threat focused cybersecurity subject matter expert who can use a variety of tools and sources to support incident response, inquiries, and investigations. The Insider Threat Cybersecurity Specialist will work closely with the ICD Director, Information Security Operations Center (ISOC), and the Insider Threat Program Senior Official (ITPSO) and team. This role reports to the ICD Director. This position has been designated as hybrid and work will be performed in the Atlanta, GA metropolitan area within Eastern Time (ET) Zone. We value bright, intellectually curious, growth-oriented professionals and provide a work environment that allows work / life balance and opportunity for growth. Position is starting as a contract role with potential for hire to a permanent employee based on performance. Pay is commensurate with level of experience.
location: Atlanta, Georgia
job type: Contract
salary: $50 - 69 per hour
work hours: 9am to 5pm
education: Bachelors
responsibilities:
Job Purpose
Requires extensive knowledge of computer operating systems, networks, log analysis and security tools.
Applies engineering principles to cybersecurity challenges.
Necessary skill areas: fundamentals of computer science, information analysis, testing software, log analysis, event correlation, anomaly detection, and behavioral analysis.
Defining cybersecurity controls for different systems and networks.
Creates novel cyber security technology components to ensure that critical systems/information are resilient to cyber exploits and attacks.
Performs attendant vulnerability assessments, analysis, and software engineering and design.
Ensures cybersecurity needs are established and maintained for operations, security requirements definition, security risk assessment, information systems analysis, information systems design, information systems hardening, configuration and maintenance of other security boundary devices (IDS/IPS, firewalls, perimeter routing), vulnerability scanning, incident response, disaster recovery, and operations continuity planning, and provides analytical support for security policy development and analysis.
Engineers, implements, and maintains Information Technology Infrastructure and associated cybersecurity controls.
Areas of responsibility include but are not limited to information security operations, cyber risk & intelligence, data loss & fraud protection, regulatory compliance, policy management and audits & assessment.
Key Responsibilities
·Helps with the validation of security control configuration on systems, ensuring all systems are configured to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
·Performs day to day analysis of security threats.
·Performs day to day remediation of security incidents.
·Provide leadership to lower-level cybersecurity and IT professionals across the enterprise.
Additional Responsibilities
·Assuring implementation of technical solutions supportive of institution information and Cybersecurity systems while identifying potential threatening behaviors through analysis of user compliance.
·Supporting information security operations, Cyber risk & intelligence, data loss and fraud protection, regulatory compliance, policy management and audits and assessment.
·Able to perform root cause analysis to identify and incorporate opportunities for continuous process improvement and future risk mitigation efforts. Able to comprehend the functionality of multiple technical tools and develop an understanding of collection techniques and methodologies; recommend and develop requirements, specifications, design and procedures to satisfy security policy and planning; and understand and author analytical reports identifying technical and behavioral analysis identified through independent reviews using multiple technology solutions.
·Ensures Cybersecurity needs are established and maintained for operations, security requirements, security risk assessment, information systems analysis, information systems design, information systems hardening, configuration and maintenance of other security boundary devices and vulnerability scanning, incident response, disaster recovery, and operations continuity planning.
·Able to provide analytical support for security policy development and analysis identifying countermeasures associated with responsibilities.
·Engineer, implement, and maintain information technology solutions and associated Cybersecurity controls directly supporting the Insider Threat Program.
·Directly support the Insider Threat Program and focus on operational collection methods while performing studies through analysis and provide decision support for potential program enhancements in direct support of guidance derived from contractual requirements outlined in 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM), Executive Order (E.O.) 13587, and the National Insider Threat Task Force (NITTF) Maturity Guidelines.
·Through the analytical and behavioral analysis collected through technological solutions, initiate response actions supporting daily operations and compliance to GTRI Information Systems and Cybersecurity policies.
·Provides technical assistance to include the support of unclassified networks and additional duties as required.
Required Minimum Qualifications
5 years of related experience with a Bachelor's degree in Computer Engineering, Electrical Engineering, Computer Science, or Information Assurance/Security or related field.
Solid technical understanding of cybersecurity concepts, standards, guidelines, and principles.
Experience with open-source intelligence (OSINT) tools and data sources in the execution of insider threat inquiries and investigations.
Experience using one or more Security Information and Event Management (SIEM) tools.
Experience using one or more endpoint detection and response (EDR) tools.
Experience using one or more Cybersecurity Asset Management (CSAM) tools.
Experience using one or more insider threat tools.
Ability to complete identified Insider Threat Program training requirements prior to obtaining access to Insider Threat Program information.
Excellent written and oral communication skills.
One or more intermediate cybersecurity certifications such as: Certified Ethical Hacker (CEH), PenTest+, Certified Threat Intelligence Analyst (CTIA), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH) or equivalent.
Preferred Qualifications
Active Secret Clearance or higher - highly preferred.
Master's degree.
8 years of equivalent work experience.
Expert technical understanding of cybersecurity concepts, standards, guidelines, and principles.
Experience using open-source intelligence (OSINT) tools and data sources in the execution of insider threat inquiries and investigations.
Experience with Splunk applications, tools, and add-ons, including ES and SOAR.
Experience with CrowdStrike Falcon, Identity Threat Protection, FalconX, and Falcon Recon endpoint detection and response (EDR) suite of tools.
Experience using Axonius Cybersecurity Asset Management (CSAM) tools.
Experience with DTEX, Code 42 Incydr, or Fulcrum insider threat tools.
One or more advanced cybersecurity certifications such as: Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent.
Global Counter Insider Threat Professional (GCITP), Insider Threat Program Manager Professional (ITPM), or Insider Risk Management Measures of Effectiveness certifications (IRM-MoE).
qualifications:
Experience level: Experienced
Minimum 5 years of experience
Education: Bachelors (required)
skills:
Network Security

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).

This posting is open for thirty (30) days.