Insider Threat Associate

Within GS the Insider Threatteam is responsible for identifying potential threats against the firm and its workforce from internal actors and developing strategies to mitigate those threats to protect the firms reputation workforce clients and assets. TheInsider Threat program is one of the enterprise-wide initiatives of strategic importance to GS and JPMC senior mission is to support firm-wide efforts through data-driven identification analysis research and mitigation of insider threats.

As an Insider Threats Associate within the Insider Threats Team you will be responsible for defining detecting and analyzing behavioral and technical indicators to assess risks and potential threats to the firm. You will lead the triage of insider incidents produce insider context analyses and risk assessments and develop and deliver cutting-edge enterprise-wide solutions for the detection and mitigation of insider threats. You must be a highly motivated team member with strong interpersonal and technical skills capable of working effectively amidst ambiguity and adjusting workload to meet evolving priorities. You should be comfortable operating in a fast-paced environment while collaborating with a diverse set of stakeholders and decision-makers.

Job Responsibilities

• Executing day-to-day operations and critical strategic deliverables in accordance with legal and privacy requirements and expectations.
• Work as part of the team of analysts conducting triage of events generated by detection use cases producing contextual data-driven analyses of insider incidents risk analyses and threat assessments.
• Facilitate the referral of anomalous and suspicious activity for investigation escalation of critical information to Subject Matter Experts (SMEs) and cross-functional coordination of mitigation strategies.
• Monitor internal and external intelligence sources for notable insiderevents and contribute to topological analyses of insider incidents as an assessment of risk and response actions
• Provide SME-level support on insider threat matters leveraging knowledge of insider threats cyber security and counterintelligence.
• Communicate complex problem sets in succinct and clear manner that is understandable to a variety of stakeholders audience.
• Support compliance in strengthening the firm-wide control environment.

Required qualifications capabilities and skills

• 3 years of work experience supporting an insider risk/threat program
• Direct experience performing analytical and/or investigative workas an analyst/senior analyst in industry or government.
• Experience in assessing complex threats scoping and developing mitigation strategies in coordination with cross-disciplinary global teams.
• Undergraduate degree related to Intelligence Studies Forensic Science Security Studies Computer Science Cybersecurity Data Analysis or a related field.
• Experience conducting risk assessments and in-depth multi-source research on threat actors tactics techniques and emerging trends to inform risk scenarios.
• Experience evaluating control environments and developing mitigation strategies as a solution to control gaps.
• Strong interpersonal skills written and verbal communication and experience with executive level briefing.
• Ability to think independently creative problem-solving abilities and a passion for experimenting and developing new innovative solutions to complex problems.
• Experience implementing and managing workstreams facilitating stakeholder engagement issue management and managing timely on-budget delivery of executables.
• Proficiency with MS Office suite.

Preferred qualifications capabilities and skills

• Experience in or knowledge of the private sector including but not limited to the financial industry
• Insider Threat (e.g. CERT courses CCITP GCITP FIAT etc.) Counterintelligence analytical and/or security tradecraft training and certifications
• Behavioral Science/ Behavioral Analysis/Behavioral Threat Assessment experience or training
• Experience with insider threat technical solutions and data analytics platforms including but not limited to User Activity Monitoring (UAM) and User Behavior Analytics (UBA) principles and tools rules and policy engines
• Experience with SQL data query analytical tools and visualizations