NorthMark Strategies
Cyber Defense Engineer - Insider Threat
NorthMark Strategies, Dallas, Texas, United States, 75215
NorthMark Strategies is a multi‑strategy investment advisory firm that provides strategic advice, asset management, and value‑added professional services to investors, investment managers, and privately owned operating companies around the world. Our mission is to integrate world‑class investments, operational excellence, and exceptional talent with integrity, ability, and energy. The company offers a dynamic environment where individuals lead companies toward bold achievements by embracing innovation, technology, and differentiated business strategies.
About the Role
As a Cyber Defense Engineer, you will strengthen and mature the Insider Threat Program for a rapidly growing investment firm and its affiliates. This highly technical role focuses on Microsoft Purview Insider Risk Management, Data Loss Prevention (DLP), and User and Entity Behavior Analytics (UEBA) platforms. The successful candidate designs and implements scalable policies to protect sensitive information, evolves detection and response capabilities, and aligns insider threat protections with business priorities.
Responsibilities
Architect and optimize Microsoft Purview Insider Risk Management to detect, triage, and respond to potential insider risks while ensuring regulatory, legal, and business alignment.
Engineer and refine enterprise DLP policies across endpoints, cloud services, and collaboration platforms to prevent data exfiltration and misuse.
Develop advanced insider threat detection use cases by leveraging telemetry, behavioral analytics, and UEBA models.
Design, implement, and tune monitoring systems that track user behavior, data access patterns, and abnormal workflows for proactive threat detection.
Lead technical investigations of insider threat alerts and incidents using forensic techniques, correlation across SIEM/EDR/DLP, and behavioral context analysis.
Design, deploy, and tune DLP policies to protect sensitive data across email, endpoints, SharePoint, OneDrive, and Teams.
Enhance sensitivity labeling and auto‑labeling policies to improve coverage and accuracy.
Maintain multi‑tenant policy consistency while respecting regional and regulatory requirements.
Collaborate with Cyber Defense Operations analysts to fine‑tune alerts and reduce false positives.
Partner with HR, Legal, Compliance, Business, and IT teams to identify sensitive and regulated data types that require monitoring and protection.
Translate business needs into actionable DLP and insider threat use cases.
Requirements and Qualifications
Minimum 6+ years of experience in cybersecurity engineering, insider threat, or SOC engineering.
Hands‑on expertise with Microsoft Purview Insider Risk Management and DLP policy creation/tuning.
Strong knowledge of sensitivity labels, auto‑labeling, and classification strategies.
Experience deploying and managing solutions across multiple Microsoft 365 tenants.
Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent work experience).
Familiarity with threat hunting, MITRE ATT&CK framework, and incident response methodologies.
Excellent analytical, communication, and problem‑solving skills.
Benefits
Medical insurance
401(k) plan
Paid maternity leave
Paid paternity leave
Disability insurance
Location: Dallas, TX
Salary: $116,350 - $129,300
Posted 4 days ago