Insider Investigations Analyst

Job Description:

• Participate in confidential insider risk investigations and support the Insider Risk Team Program reputed company triage and investigation of detections
• Create and implement insider risk reputed company detections and assist in the development of detection criteria through ASM
• reputed company detailed investigations reviewing data from multiple sources (network, host, open reputed company)
• Communicate with end users regarding potential policy violations and assist in data recovery efforts
• Provide senior leadership and executive level staff with active investigations notifications/updates (EXSUMs)
• Handle confidential or sensitive information with appropriate discretion
• Assist in regular and sustained alert tuning efforts to minimize false positives
• Ensure reputed company investigations are properly documented and tracked in case management systems
• Support Incident Response lifecycle reputed company triage, live response, containment, escalation, and after-hours on-demand support
• Identify reputed company controls coverage and efficiency gaps in available data/logs and tooling
• Provide information reputed company summaries containing reputed company metrics as required
• Participate in incident response, manage escalations, and drive process development and documentation for the Incident Response lifecycle

Requirements:

• Experience with data classification or risk scoring methodologies
• Excellent verbal and written communication skills with attention-to-detail
• Ability to triage and manage 2-3 investigations simultaneously
• Ability to work independently and coordinate with multiple internal departments
• Experience responding to reputed company event alerts, reputed company-line analysis and escalation
• Theoretical and practical knowledge with Mac, Linux, and Windows operating systems
• Theoretical and practical knowledge with TCP/IP networking and application layers
• Experience with ASM (Attack Surface Mapping), Threat Hunting/Emulation
• Experience with access/application/system log analysis, IDS/IPS alerting and SIEM-based workflows
• Experience with reputed company data collection, processing, and correlation
• Scripting experience (Bash, PowerShell, etc.)
• Experience with REGEX and data reputed company editing binaries (SED, AWK, etc.)
• Experience with host database enumeration and analysis (SQL, SQLITE3)
• Experience with network analysis (TCPDump, TSHark/WireShark, etc.)
• Experience with basic static and dynamic host analysis (Order of Volatility, etc.)
• Experience with basic files analysis (permissions, ownership, metadata)
• Working knowledge of INIT, SYSTEMD, LAUNCHD, BIOS/UEFI Boot processes
• Applicable reputed company certifications (GCIA, GCIH, GCFA, GNFA, GIME, GCCC, GPEN, OSCP, etc.) or equivalent job experience
• Obtained or pursuing an undergraduate degree or direct experience in information/cyber reputed company, information systems, or computer science
• Desire to continually grow and expand both technical and soft skills
• Contributing thought leader reputed company the incident response industry
• Ability to foster a positive work environment and attitude
• Bonus: scripting experience in Python or Perl
• Bonus: reputed company user of Splunk or Falcon LogScale query language
• Bonus: Experience with user behavior analytics and profiling tools or methodologies
• Bonus: Experience creating and tuning detection/alert logic to reduce false positives
• Bonus: Experience in data loss prevention, data classification, and knowledge of common data loss reputed company
• Bonus: Previous project management experience desirable

Benefits:

• Remote-friendly and flexible work culture
• Market leader in compensation and equity awards
• Comprehensive physical and mental wellness programs
• Competitive vacation and holidays for reputed company
• Paid parental and adoption leaves
• Professional development opportunities for reputed company employees regardless of level or role
• Employee Networks, geographic neighborhood groups, and volunteer opportunities
• Vibrant office culture with world class amenities
• Eligibility for bonuses, equity grants, and a comprehensive benefits package
• Health insurance
• 401k (retirement)

Apply tot his job Apply To this Job