PKH Enterprises

Technical Supporter

PKH Enterprises, Washington, Washington, D.C., United States

Technical Insider Threat Analyst

PKH Enterprises is seeking qualified individuals to support both government and private-sector clients in the development and implementation of insider threat and asset protection programs. Qualified candidates must have a strong working knowledge of insider threat program elements, digital forensics, governance models and overall program management support operations.

Responsibilities:

• Use industry standard digital forensic utilities (standalone & enterprise) to perform collections and analyses of mobile devices and digital media in support of Insider Threat investigations.
• Properly preserve evidence, maintain chain of custody and produce forensic reports.
• Effectively communicate analysis results to stakeholders to include technical staff and leadership.
• Install, maintain, and recommend forensic hardware and software within a forensic lab environment while following established configuration management processes.
• Research and develop scripts, methods or indicators to enhance forensic processes for identifying insider threat activity.
• Use SIEM utilities to identify potential insider threat activity.
• Assist with evaluation of existing insider threat program elements.
• Assist with development of Standard Operating Procedures, workflows, process guides and playbooks.
• Assist with evaluating and recommending technical and non-technical solutions to detect and respond to potential insider threats.
• Assist with evaluating and establishing program elements to support insider threat prevention, detection and response.
• Assist in developing strategies for protecting critical assets.
• Provide support in developing business cases, resource planning, budget justifications and other documents in support of client insider threat programs.
• Assist with developing and operationalizing program performance metrics and reporting mechanisms in support of client insider threat programs.
• Evaluate technical products for their use in Insider Threat Programs and define specific program implementation use cases.
• Understand technology implementation to improve operating capability to support program maturity.
• Flexible and adaptable self-starter with strong relationship building skills.
• Strong problem-solving skills and qualitative reasoning in high pressure situations.
• Ability to independently prioritize and complete multiple tasks with minimal or no supervision.

Minimum Qualifications:

• Bachelor's degree or equivalent
• 5 years of experience in federal program support or related experience
• 5 years of combined professional experience performing insider threat analyst, and digital media forensic analysis with industry standard commercial and open-source tools in Federal Government, DOD or Law Enforcement.
• Familiarity with SIEM platforms.
• Familiarity with using case management systems.
• Familiarity with User Activity Monitoring (UAM) tools.
• Active Top Secret Clearance required.

Preferred Qualifications:

• 5-10 years of professional experience in relevant fields including digital forensics, IT security, and investigations.
• At least one of the following recognized digital forensics certifications (EnCE, ACE, CCE, GCFA, GCFE)
• Working knowledge of User Activity Monitoring (UAM) tools.
• Strong working knowledge of SIEM utilities.