Salary Not Disclosed
1 Vacancy
Hello, I am Kishore Mandaloju from TechnoGen Inc. We collaborate with US-based clients and have been working on different positions for many years, and have placed many consultants. I am currently looking for an Insider Threat Detection Engineer
for one of our clients. Below is the job description for your review. Please let me know if you would be interested, and please attach your updated resume at kishore.m@
Role: Insider Threat Detection Engineer
Location: Woodlawn MD - Onsite
Duration: Long Term Contract
Key Skills:
User Activity Monitoring (UAM), Splunk, Ansible, Python or JSON, SOP Development and Documentation, Working knowledge of DLP, EDR or behavioral analytics platforms, Experience with endpoint monitoring tools, SIEM/SOAR integrations and identity-based risk scoring, Network Firewall Knowledge, Technical Engineering and Automation, Cyber Threat Detection & Analysis, Policy, SOP Development & Reporting
Position Description:
Technical Engineering and Automation
Engineer, implement and maintain User Activity Monitoring (UAM) solutions, ensuring continuous visibility into user behavior and privileged activity.
Build and maintain Splunk dashboards to visualize UAM data, insider threat indicators and program metrics.
Automate repetitive tasks and data pipelines using Ansible, Python or JSON to enhance detection, alerting and reporting efficiency.
Support integration of UAM with other enterprise cybersecurity tools and platforms (e.g. SIEM, DLP, EDR, SOAR).
Collaborate with the SOC, forensic analysts and cyber threat intel units to enrich UAM data with contextual intelligence.
Cyber Threat Detection & Analysis
Develop and refine methods to extract, analyze and correlate data from the Client's IT systems to proactively detect potential insider threats.
Monitor and analyze trends in cyber activity and anomalous behavior to assess risks to the Client's confidentiality, availability and integrity.
Leverage feeds, incident reports and threat briefs to assess relevance to the Client's environment and enhance the program's threat modeling capability.
Collaborate with internal partners such as the cyber threat intelligence, supply chain risk and forensic investigation teams to share findings and develop holistic mitigations.
Policy, SOP Development & Reporting
Assist with the enhancement and documentation of enterprise-wide Standard Operating Procedures (SOPs) related to Insider Threat use cases and detection logic.
Prepare and present insider threat briefings to program leadership and executives following agency writing and presentation standards.
Contribute to Insider Threat Work Status Reports with detailed analytics, visuals (charts/dashboards) and recommendations.
Skills Requirements:
FOUNDATION FOR SUCCESS (Basic Qualifications)
Bachelor's degree in Cybersecurity, Information Technology, Computer Science or a related field.
Proven experience in cybersecurity, insider threat analysis or a related area.
Demonstrated experience deploying and managing User Activity Monitoring (UAM) solutions in production.
Proficiency in Splunk, including dashboard development, data ingestion and search optimization.
Hands-on skills with Ansible, Python and JSON for automation and data parsing.
Solid understanding of networking and firewall fundamentals, including how monitoring tools interact across segmented architectures.
Familiarity with Palo Alto Networks firewalls and their logging capabilities (useful for correlating user activity across layers).
Strong analytical and problem-solving skills; ability to make data-driven recommendations.
Excellent written and verbal communication skills, particularly in conveying technical insights to leadership.
Must be able to obtain and maintain a Public Trust. Contract requirement.
FACTORS TO HELP YOU SHINE (Required Skills)
These skills will help you succeed in this position:
Demonstrated experience deploying and managing User Activity Monitoring (UAM) solutions in production.
Ability to make decisions based upon analysis of documentation.
Experience with endpoint monitoring tools, SIEM/SOAR integrations and identity-based risk scoring.
Working knowledge of DLP, EDR or behavioral analytics platforms in support of insider threat detection.
Experience working in a classified environment and delivering briefings in SCIF settings.
Understanding of NIST 800-53 as it relates to Insider Threat Programs.
HOW TO STAND OUT FROM THE CROWD (Desired Skills)
Showcase your knowledge of modern development through the following experience or skills:
Experience with federal regulatory requirements and compliance standards related to cybersecurity.
Knowledge of programming, Splunk automation, network and firewall operations.
Familiarity with security tools and technologies used for threat detection and analysis.
Security certifications (e.g. CISSP, CISM, CEH, CompTIA Security) are a plus.
Education:
Bachelor's degree with 7 years of experience
Thanks & Best Regards
Kishore Mandaloju
TechnoGen Inc.
kishore.m@
Full-time