Sentar is proud to be an employee-owned company fostering a culture of empowerment, collaboration, and innovation. Sentar is dedicated to developing the critical talent that the connected world demands to create solutions to address the convergence of cybersecurity, intelligence, analytics, and systems engineering. We invite you to join the team where you can build, innovate, and secure your career.
Sentar is seeking an Insider Threat Operations Center (ITOC) Analyst!
Role Description:
The Insider Threat Operations Center (ITOC) Analyst / Technical Lead supports enterprise Insider Threat programs by conducting technical analysis of user activity data and alerts to identify indicators of malicious, negligent, or risky insider behavior. This role supports civil, workplace, counterintelligence, and law enforcement inquiries and investigations while ensuring protection of legal rights, civil liberties, and privacy.
At the Analyst level, the role focuses on alert triage, behavioral analysis, reporting, and investigative support. At the Technical Lead level, the role provides operational leadership, quality control, prioritization, stakeholder coordination, and strategic oversight of Insider Threat operations.
This position works closely with Defensive Cyber Operations (DCO) teams, Operations Watch Officers, subscriber Insider Threat Program Managers, and U.S. Government partners to ensure effective, compliant, and mission-aligned Insider Threat detection and response.
Duties and Responsibilities
Common Responsibilities (All Levels)
- Conduct technical analysis of user activity data and alerts to identify potential insider threat indicators
- Triage alerts by correlating insider threat data with additional data sources to assess risk and intent
- Develop hypotheses and perform behavioral analysis using available tools and datasets
- Support directed requests in support of civil, workplace, counterintelligence, or law enforcement investigations
- Incorporate complex data flows and contextual information into analysis and investigative assessments
- Produce concise, accurate, and timely analytical reports for Insider Threat stakeholders and leadership
- Present analytical findings to team members and management in a clear, actionable manner
- Refine alerts based on triage results, current threat activity, and operational feedback
- Contribute to development and improvement of Insider Threat processes, procedures, and documentation
- Collaborate with Operations Watch Officers and analysts to support investigations, campaigns, and events
Required Skills
- Strong understanding of insider threat analysis and user activity monitoring
- Experience analyzing host-based data and behavioral indicators
- Ability to synthesize complex data into clear analytical conclusions
- Strong written and verbal communication skills
- Ability to operate with discretion and sound judgment in sensitive investigative environments
- Ability to work independently and collaboratively in a team environment
Desired Skills
- Bachelor's degree from an accredited institution
- One (1) or more years of scripting or programming experience within the last three (3) years, including languages such as PowerShell, Python, Ruby, Shell/Bash, Java, C/C++, C#, Perl, or PL/SQL
- Knowledge of data science techniques such as anomaly detection and machine learning
- Expert-level understanding of insider threat indicators, user activity data, and behavioral analysis
- Familiarity with foreign intelligence entity tactics, techniques, and procedures
- Experience working in multi-tenant or service provider environments
- Experience supporting Department of Defense or Intelligence Community Insider Threat programs
Qualifications:
Clearance Level:
- Minimum of a Secret Clearance with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)
Experience:
- Analyst: Minimum of three (3) years of experience supporting Department of Defense or Intelligence Community Insider Threat programs
- Subject matter expertise with Executive Order 13587, Director of National Intelligence National Counterintelligence and Security Center Insider Threat Task Force standards, and Department of Defense Insider Threat regulations and guidance (Technical Lead level)
Certifications:
- Department of Defense (DoD) 8570 Information Assurance Technical Level II
Minimum qualifications:
- U.S. Citizenship required.
- Demonstrated experience leading or overseeing insider threat operations.
- Knowledge of user activity monitoring, host-based data analysis, and alert triage.
- Strong analytical, leadership, and communication skills.
Travel:
- Up to 10% travel may be required
Preferred Qualifications:
- Minimum of one year of scripting or programming experience in PowerShell, Ruby, Python, Shell/BASH, Java, C/C++, C#, Perl, PL/SQL, or other related languages within the last three years.
- Knowledge of data science techniques such as anomaly detection and machine learning.
- Expert-level understanding of insider threat analysis, user activity data, and host-based data analysis.
- Experience with the modus operandi of foreign intelligence entities, international threat organizations, and associated cyber capabilities and operations.
- Bachelor's Degree from an accredited university.
Highly desired
- Experience in support of Department of Defense (DoD) or Intelligence Community (IC) Insider Threat programs and subject matter expertise in:
- Executive Order (E.O.) 13587
- Director of National Intelligence (DNI) National Counterintelligence and Security Center (NCSC) Insider Threat Task Force Standards
- DoD regulations and guidance regarding Insider Threat
- Experience working in a multi-tenant or service provider environment
Benefits at Sentar:
Our unique ownership model attracts top talent, giving employees the freedom to take initiative and drive meaningful addition to cultivating a thriving and inclusive work environment Sentar offers an extensive benefits package designed to support the well-being of employees and their families. Employee ownership is the foundation of our culture, promoting participation, teamwork, and accountability while ensuring long-term financial security and a commitment to excellence.
- Voluntary Medical, Dental, Vision with Health Savings or Flexible Spending Plan options
- Voluntary Life, Critical Illness, Accident, and Long Term Care insurance options
- Group Term Life, Short-Term and Long-Term Disability is provided by Sentar to all qualifying employees
- Generous 401(k) match
- Competitive PTO plan that graduates quickly with years of service
- Other leave programs; holiday schedule along with bereavement, maternity, jury, and military duty
- Mental health awareness programs
- Tuition reimbursement
- Professional development reimbursement
- Recognition and Awards programs
If you are not ready to apply for this position, submit your resume here to join our talent community. We'll keep you updated occasionally on new job opportunities.
Sentar is an Affirmative Action and Equal Opportunity Employer M/F/Vets/Persons with Disabilities
Our culture is one of inclusivity and support. Sentar is proudly an Equal Opportunity and VEVRAA Federal Contractor Employer M/F/Vets/Persons with Disabilities. Follow these links to learn more about your rights: EEO Is the Law Poster; EEO Is Law Supplement; and Pay Transparency.
We want you to build your career at Sentar, so if you are an individual with a disability and require a reasonable workplace accommodation applying for a job or at any point in the employment process, contact the Recruiting Manager at . Please indicate the specifics of the assistance needed. Thank you for considering Sentar in your employment search.
Build, Innovate, Secure Your Career at Sentar.