GuidePoint Security
Sr. Insider Threat Analyst - Mid-Atlantic region (Remote - EST)
GuidePoint Security, Herndon, Virginia, United States, 22070
Sr. Insider Threat Analyst - Mid-Atlantic region (Remote - EST)
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best‑fit solutions that mitigate risk.
Primary Duties and Accountabilities
Identify and respond to insider threat security events.
Respond to, analyze, and triage alerts from DLP, UEBA, and other monitoring tools.
Characterize and analyze information from enterprise cyber security tools to identify anomalous activity and potential threats.
Coordinate with enterprise‑wide cyber defense staff to validate network alerts.
Analyze security incidents for trends and patterns to uncover anomalies, identify gaps, and propose risk mitigation solutions.
Manage incident response and investigative leads, including notification and escalation. Coordinate with physical security, legal, and HR teams as required.
Develop insider threat use cases and tune DLP and UEBA rules and policies.
Identify and integrate new data sources to detect insider threat activity.
Perform security reviews, cyber defense trend analysis, and open‑source research.
Identify vulnerabilities in security architecture or controls and recommend changes to resolve or mitigate risk.
Analyze insider events to identify patterns and develop mitigation strategies.
Conduct open‑source research about industry trends and developments in protecting company assets and countering insider threats.
Prepare timely written reports summarizing significant industry insider events to draw lessons that can be incorporated into the insider threat program.
Assist in the development of policy, processes, procedures, and associated metrics.
Produce and deliver insider threat awareness briefings, debriefings, and training activities.
Minimum Qualifications
Bachelor’s degree in computer science, cybersecurity, or related 4‑year technical degree with 5+ years of experience in IT or cybersecurity, or equivalent combination of education and work experience.
Skill in collecting data from a variety of cyber defense resources and ability to interpret information collected to recognize threats.
Knowledge of DLP, UEBA, and logging applications; and skill tuning policies within these tools.
Knowledge of incident response and handling methodologies.
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of host/network access control mechanisms.
Knowledge of operating systems.
Knowledge of scripting languages.
Knowledge of cyber‑attack stages and techniques used by malicious insiders.
Knowledge of security controls frameworks and ability to assess organizational security posture against these frameworks.
Skill in conducting trend analysis.
Benefits
Remote workforce primarily (U.S. based only, some travel may be required for certain positions; working on‑site may be required for federal positions).
Group medical insurance options: Zero deductible PPO plan (GuidePoint pays 90% of the premium for employees and 70% for family plans) or high deductible health plan with HSA (GuidePoint pays 100% of the employee’s premiums and 75% for family plans; GPS will contribute in one lump sum: $500 per employee annually / $1,000 per family annually).
Group dental insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans.
12 corporate holidays and a flexible time off (FTO) program.
Healthy mobile phone and home internet allowance.
Eligibility for retirement plan after 2 months at open enrollment.
Pet benefit option.
#J-18808-Ljbffr
Primary Duties and Accountabilities
Identify and respond to insider threat security events.
Respond to, analyze, and triage alerts from DLP, UEBA, and other monitoring tools.
Characterize and analyze information from enterprise cyber security tools to identify anomalous activity and potential threats.
Coordinate with enterprise‑wide cyber defense staff to validate network alerts.
Analyze security incidents for trends and patterns to uncover anomalies, identify gaps, and propose risk mitigation solutions.
Manage incident response and investigative leads, including notification and escalation. Coordinate with physical security, legal, and HR teams as required.
Develop insider threat use cases and tune DLP and UEBA rules and policies.
Identify and integrate new data sources to detect insider threat activity.
Perform security reviews, cyber defense trend analysis, and open‑source research.
Identify vulnerabilities in security architecture or controls and recommend changes to resolve or mitigate risk.
Analyze insider events to identify patterns and develop mitigation strategies.
Conduct open‑source research about industry trends and developments in protecting company assets and countering insider threats.
Prepare timely written reports summarizing significant industry insider events to draw lessons that can be incorporated into the insider threat program.
Assist in the development of policy, processes, procedures, and associated metrics.
Produce and deliver insider threat awareness briefings, debriefings, and training activities.
Minimum Qualifications
Bachelor’s degree in computer science, cybersecurity, or related 4‑year technical degree with 5+ years of experience in IT or cybersecurity, or equivalent combination of education and work experience.
Skill in collecting data from a variety of cyber defense resources and ability to interpret information collected to recognize threats.
Knowledge of DLP, UEBA, and logging applications; and skill tuning policies within these tools.
Knowledge of incident response and handling methodologies.
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of host/network access control mechanisms.
Knowledge of operating systems.
Knowledge of scripting languages.
Knowledge of cyber‑attack stages and techniques used by malicious insiders.
Knowledge of security controls frameworks and ability to assess organizational security posture against these frameworks.
Skill in conducting trend analysis.
Benefits
Remote workforce primarily (U.S. based only, some travel may be required for certain positions; working on‑site may be required for federal positions).
Group medical insurance options: Zero deductible PPO plan (GuidePoint pays 90% of the premium for employees and 70% for family plans) or high deductible health plan with HSA (GuidePoint pays 100% of the employee’s premiums and 75% for family plans; GPS will contribute in one lump sum: $500 per employee annually / $1,000 per family annually).
Group dental insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans.
12 corporate holidays and a flexible time off (FTO) program.
Healthy mobile phone and home internet allowance.
Eligibility for retirement plan after 2 months at open enrollment.
Pet benefit option.
#J-18808-Ljbffr