NorthMark Strategies
Insider Threat Operations Analyst:
About NorthMark Strategies
NorthMark Strategies is a multi-strategy investment advisory firm that provides strategic advice, asset management, and value-added professional services to investors, investment managers, and privately owned operating companies around the world. Our company’s mission is to integrate world class investments, operational excellence, and exceptional talent. Our values are Integrity, Ability, and Energy, and the company aims to hire individuals who possess those qualities. Our company offers a dynamic environment where individuals have the freedom to lead companies toward bold achievements by embracing innovation, leveraging technology, and fostering differentiated business strategies. We provide individuals with the opportunity to extend beyond boundaries and be in an optimal position to unlock exceptional value and drive unprecedented growth.
About the Role NorthMark Strategies (NMS) is looking for a detail-oriented and proactive Insider Threat Operations Analyst to strengthen and mature our Insider Threat Program across a multi-tenant enterprise environment. This role is responsible for reviewing and triaging insider alerts within Microsoft Purview Insider Risk Management, conducting investigations into potential data exfiltration, misuse, or anomalous user behavior, and supporting program evolution. In this role, you will be responsible for maturing and enhancing our existing insider threat defense capabilities by collaborating on efforts to design and implement improved processes and technologies within the NMS environment. You will work closely with key cross functional stakeholders to develop a program tailored to utilizing proactive and mitigating measures to detect and respond to potential threat to NMS infrastructure, employees, and intellectual property. The successful candidate will combine analytical skills with cross-functional collaboration to identify and mitigate insider risk while aligning protections with business priorities.
This role is part of NMS Cyber Defense - Insider Threat Operations team. The mission of the ITO team is to protect NMS by preventing, detecting, and investigating all insider threats by malicious or negligent employees, contractors and vendors with minimal disruption to the business.
Responsibilities Include, but Are Not Limited to:
Support day-to-day operations for insider threat investigations, ensuring the case management and alert development life cycles are followed or adjusted when necessary.
Investigate cases of potential data exfiltration, misuse of intellectual property, insider misuse, and anomalous user behavior.
Conduct insider threat monitoring with ability to review end user activity and identify threats from SIEM dashboards and tool consoles.
Identify and respond to automated alerts as well as conduct in-depth analysis and examination using all available information to find potential insider threats.
Reviewing and providing feedback to analysts about case work and escalations.
Develop and maintain documentation, which provides a visual depiction of various insider threat operations workflows to support an innovative program and bolster overall security practices.
Partner with HR, Legal, Compliance, and Business units to identify and prioritize sensitive and regulated data for monitoring.
Provide metrics and insights to support program maturity assessments and executive reporting.
Contribute to monthly reviews of insider threat detections and case trends.
Requirements and Qualifications
Minimum 2+ years of experience in cybersecurity engineering, insider threat or SOC engineering.
Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent work experience)
Proficiency with Microsoft Purview (alert triage, case management, investigations).
Experience with DLP alerts and investigations, including data exfiltration scenarios.
Strong analytical, investigative, communication, and problem-solving skills.
Ability to collaborate effectively with cross-functional stakeholders (HR, Legal, IT).
NorthMark Strategies assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $130,000 - $140,000 per year at the commencement of employment. However, base salary if hired will be determined on an individual basis, including as to experience and market location and is only part of the NorthMark Strategies total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long-term incentive packages, and company sponsored benefit programs.
#J-18808-Ljbffr
About the Role NorthMark Strategies (NMS) is looking for a detail-oriented and proactive Insider Threat Operations Analyst to strengthen and mature our Insider Threat Program across a multi-tenant enterprise environment. This role is responsible for reviewing and triaging insider alerts within Microsoft Purview Insider Risk Management, conducting investigations into potential data exfiltration, misuse, or anomalous user behavior, and supporting program evolution. In this role, you will be responsible for maturing and enhancing our existing insider threat defense capabilities by collaborating on efforts to design and implement improved processes and technologies within the NMS environment. You will work closely with key cross functional stakeholders to develop a program tailored to utilizing proactive and mitigating measures to detect and respond to potential threat to NMS infrastructure, employees, and intellectual property. The successful candidate will combine analytical skills with cross-functional collaboration to identify and mitigate insider risk while aligning protections with business priorities.
This role is part of NMS Cyber Defense - Insider Threat Operations team. The mission of the ITO team is to protect NMS by preventing, detecting, and investigating all insider threats by malicious or negligent employees, contractors and vendors with minimal disruption to the business.
Responsibilities Include, but Are Not Limited to:
Support day-to-day operations for insider threat investigations, ensuring the case management and alert development life cycles are followed or adjusted when necessary.
Investigate cases of potential data exfiltration, misuse of intellectual property, insider misuse, and anomalous user behavior.
Conduct insider threat monitoring with ability to review end user activity and identify threats from SIEM dashboards and tool consoles.
Identify and respond to automated alerts as well as conduct in-depth analysis and examination using all available information to find potential insider threats.
Reviewing and providing feedback to analysts about case work and escalations.
Develop and maintain documentation, which provides a visual depiction of various insider threat operations workflows to support an innovative program and bolster overall security practices.
Partner with HR, Legal, Compliance, and Business units to identify and prioritize sensitive and regulated data for monitoring.
Provide metrics and insights to support program maturity assessments and executive reporting.
Contribute to monthly reviews of insider threat detections and case trends.
Requirements and Qualifications
Minimum 2+ years of experience in cybersecurity engineering, insider threat or SOC engineering.
Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent work experience)
Proficiency with Microsoft Purview (alert triage, case management, investigations).
Experience with DLP alerts and investigations, including data exfiltration scenarios.
Strong analytical, investigative, communication, and problem-solving skills.
Ability to collaborate effectively with cross-functional stakeholders (HR, Legal, IT).
NorthMark Strategies assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $130,000 - $140,000 per year at the commencement of employment. However, base salary if hired will be determined on an individual basis, including as to experience and market location and is only part of the NorthMark Strategies total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long-term incentive packages, and company sponsored benefit programs.
#J-18808-Ljbffr