Insider Threat And Dlp Analyst

Summary

Join NBCUniversal's Cyber Defense Operations team as an Insider Threat and DLP Analyst. Protect critical assets from internal threats and reduce overall risk. Serve as a subject matter expert in data loss prevention and insider threat escalation. Conduct sensitive investigations, monitor user activity, and analyze DLP alerts. Collaborate with various teams to address incidents and improve processes. This fully remote position offers competitive compensation and benefits.

Requirements

• 4+ years’ experience in computer forensics, investigations, or similar information security discipline
• Working knowledge and proven experience with current DLP and Insider Threat best practices and methodologies
• Demonstrated expertise in both working in and handling extremely confidential investigations
• Experience with forensic technologies such as EnCase, FTK, AXIOM, and Cellebrite (or the like)
• Experience with emerging cloud technology services and their effect on data security considerations
• Understanding of methods of internal and external data movement and exfiltration
• Ability to navigate a complex global network as part of the investigative research process
• Strong understanding of enterprise email systems including Office 365 and MS Exchange
• Experience in DLP/Insider Threat Investigations (Corporate/Law Enforcement/Government/Military)
• Experience with enterprise level SIEM and/or DLP tools such as Splunk, DataDog, LogRhythm, and EDR/UEBA tools like Crowdstrike, Carbon Black, or Exabeam (or the like)
• Bachelor of Science in Computer Science, Information Systems, Software Engineering, Criminal Justice, or any combination of education and relevant experience

Responsibilities

• Perform highly sensitive and confidential investigations, including some digital forensic analysis, involving internal risks such as employee misconduct, intellectual property theft, embezzlement, misuse, harassment, and physical security threats
• Lead proactive efforts to identify, disrupt, and protect NBCU from any internal threats that may undermine the integrity and operations of the business
• Work closely with HR, legal, and compliance teams to address insider threat incidents
• Monitor user activity and behavior to detect signs of potential insider threats
• Investigate suspicious activities and incidents related to insider threats
• Triage and Analyze DLP Alerts
• Contribute to the development of DLP policies, rules, and best practices
• Collaborate with IT and security teams to integrate DLP controls with other security measures
• Provide on call response as required for major event support
• Conduct high level forensic analysis of physical devices and other electronic data sources in support of internal investigations and other legal requests using forensically sound processes
• Provide subject matter guidance and work collaboratively with incident response and other cyber security teams in the event of a cross-functional investigation
• Drive continuous improvement across the Insider Threat team and its processes
• Utilize a range of data sources, systems, and tools to collect, search, recover, sort, and organize large volumes of digital evidence during all phases of the investigative process
• Develop behavior anomaly capabilities as the landscape evolves
• Maintain awareness of new tactics and techniques used by insider threats and industry best practices
• Assist team leadership with the development, collection, and publication of metrics that illustrate team performance and highlight obstacles thwarting team potential

Preferred Qualifications

• Self-starter with a sense of urgency who takes ownership and responsibility for service delivery
• Works independently with minimal guidance while also working collaboratively with the team to achieve strategic goals
• Professional, clear, and concise communication to both technical and non-technical audiences
• Excellent analytical ability, sharp attention to detail, creative problem solving, and consultative skills
• Proven organizational skills (time management and prioritization)
• Position requires access to highly sensitive confidential material; integrity and discretion are mandatory
• GIAC Certified Forensic Analyst - GCFA
• GIAC Certified Forensic Examiner - GCFE
• Certified Forensic Computer Examiner - CFCE
• Certified Information Systems Security Professional - CISSP

Benefits

• Medical, dental and vision insurance
• 401(k)
• Paid leave
• Tuition reimbursement
• A variety of other discounts and perks