Senior Risk Analyst
Senior Risk Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Description Summary
The Senior Risk Analyst within the Cyber Data Protection team will be responsible for responding to cyber data protection incidents as part of the SOC. Responsible for the detection design and testing of analytic frameworks processes procedures and controls. Responsible for threat identification indicator development data movement analytics data collection and analysis and identification of anomalous patterns of data movement. Participate in threat hunting and threat modelling activities.Job Description
Roles and Responsibilities
In this role you will:
Lead the development and execution of the detection analytics capabilities within the Insider Threat program including risk scoring models thresholds baselines key indicators and reporting.
Maintenance of a comprehensive response escalation process and procedures including the investigative processes.
Perform daily response operations that may involve occasional non-traditional working hours - act as escalation points where necessary.
Review of daily alerts triage violations raise cases and lead co-ordination of incidents across business and partner teams.
Improve state of our insider program and platforms by configuring and updating policies building the knowledge base metrics management and maturity overall.
Drive projects and work streams within the Insider Threat program including appropriate risk mitigation activities in the Data Protection space.
Lead log ingestion and threat modelling activities in partnership with application owners and analytics platform teams co-relate data and build policies to identify insider threats.
Create dashboards alerts and reporting in the analytics platform to identify trends risk indicators and highlight areas to address risk.
Participate in threat hunting activities support triage work and case management with appropriate teams.
Support relevant SOC tooling platforms infrastructure code and automation processes.
Education Qualifications
Bachelors degree in computer science or STEM Majors (Science Technology Engineering and Math) with advanced experience.
DesiredCharacteristics
Technical Expertise: (Hands-on)
Experience in anomaly detection data analytics behaviour analytics.
Experience detecting and responding to cyber incidents in a complex Information Technology environment.
Detailed understanding of Insider Threats DLP (Data Loss Prevention) Data-level Security and associated tactics.
Experience in a technical SOC (Security Operations Centre) environment.
Strong MS Sentinel experience (or other SIEM tools) in advanced reporting and alerting queries and data modelling.
Experience with UEBA tools (Ex. Securonix MS Purview etc.) highly beneficial.
Training in Information Security specific disciplines (CISSP Security SSCP SANS CERT CMU-SEI CEH certifications etc.).
IT infrastructure background including familiarity with:Applications Operating systems Cloud (Azure) Networks Databases Cryptography Identity & Access Management Proxies etc.
Experience with host-based detection and prevention suites host-centric tools for forensic collection and analysis and Network Security Monitoring tools.
Scripting and coding skills (Ex. PowerShell Bash Python Regex etc.).
Experience in working with Agile methodologies.
Leadership:
Strong interpersonal analytical organizational written and verbal communication skills.
Demonstrated ability to communicate and lead in a team-based setting.
Experience in large global environments spanning multiple time zones.
Providing mentorship to junior team members.
Ability to influence across organizations.
Personal Attributes:
Needs to be a self-starter.
Independent learner curious.
Successfully track multiple streams of work to completion.
#LI-TM1
Additional Information
Relocation Assistance Provided: No
Required Experience:
Senior IC
Employment Type
Full-Time
