Job Title: Information Security Engineer
Location: Baltimore, MD
Contract to Hire
High-level JD is given below:
· Good understanding of security (sec engineering or sec ops background is a plus)
· Prior understanding of SIEM and correlation rules would be helpful. Hands-on SIEM configuration and customization experience helps
· Working knowledge of data collection from logs and subsequent analysis
· Ability to create various rules based on the data collected, to identify and prevent insider threats
· Thorough understanding of security concepts, DLP concepts and end to end security incident management concepts
· DLP engineering knowledge and some DLP operations knowledge is required
· Strong BA skills are a must (requirement analysis, use case development, documentation, validation of rules, collecting inputs, doing research to understand industry best practices, ability to develop rules to identify insider threats, independent thinker and go-getter attitude)
· Security Certification like CISSP helps
· Continuously evaluate changes in actors, tactics, techniques and targets to enhance threat scenarios and use cases and make recommendations to ensure technology strategy maintains pace with changing insider threat landscape.
· Provide recommendations and facilitate changes to optimize technical controls.
· Evaluate historical events and incidents to identify trends and methods of data loss.
· Proactively analyze data, perform research and verify information to ensure the continued growth and accuracy of the Use Case Catalog.
· Assist with planning and execution of Insider Threat training.
· Execute special projects as required. Coordinate response activities with various stakeholders for ongoing monitoring, analysis, remediation, and recommend mitigation strategies.
· Support the development of Senior Management reports including metrics on Insider Threat activities.
· Develop and maintain working relationships with lines of business, and key partners and stakeholders including Technology, Cyber Analytics, Security Operations, Physical Security, Incident Management, Legal, HR and others to guide risk mitigation efforts.
· Leverage existing data mining tools and security monitoring tools to collect, search, sort, and organize large amounts of information.
· Minimum 5 years of relevant insider threat, investigative or counterintelligence experience
· Knowledge of incident response and crisis management
· Awareness of latest cybersecurity trends and developments
· Strong analytical and creative problem-solving skills and experience with interpreting requirements and implementing use cases.
· Strong interpersonal and leadership skills
· Strong oral and written communications skills
· Demonstrated success in working closely with Technology, Security, Legal, HR, external Intelligence community, etc.
· Demonstrated expertise in working with and handling extremely sensitive materials
· Ability to work in a fast-paced environment, including translation of complex concepts and issues into insights for Senior Management and non-technical audiences
· Ability to collect and analyze qualitative and quantitative data
· Ability to work independently on initiatives with little oversight
· Familiarity with Symantec DLP, Qlikview, Splunk, Securonix, Varonis
· Familiarity with computer system hardware and software, including operating systems, databases, interfaces, and logging.
· Bachelor's Degree or equivalent experience
· CRISC, CISSP, CISM or other relevant Information Security certification