IT Concepts is hiring a
User Access Management Analyst

Summary

IT Concepts is seeking a remote UAM Analyst with at least 8 years of experience and a Bachelor's Degree. The role involves data triage, investigating anomalous events, drafting reports, and collaborating with the Security Operations Center to resolve insider threat incidents. The ideal candidate should have proficiency in UAM, DLP, UBA tools, SIEM systems, and network monitoring; excellent written and verbal communication skills; familiarity with data privacy regulations, civil liberties, and security compliance; experience in incident management and documentation; and proven ability to perform after-action reviews, make recommendations for remediation, and support the development of future mitigation strategies.

Requirements

• Minimum 8 years of relevant experience is required with a Bachelor’s Degree
• 2 years of experience is required with Forcepoint
• Proficiency in UAM, DLP, UBA tools, SIEM systems, and network monitoring; strong analytical skills for triaging and investigating anomalous events
• Excellent written and verbal communication skills for drafting reports, providing notifications, and collaborating with team members
• Familiarity with data privacy regulations, civil liberties, and security compliance; experience in incident management and documentation
• Proven ability to perform initial discovery, analyze alerts, and draft detailed investigative reports
• Experience in managing highly complex IT projects, including coordinating with multiple stakeholders and ensuring timely and effective resolution of issues
• Demonstrated ability to perform after-action reviews, make recommendations for remediation, and support the development of future mitigation strategies

Responsibilities

• Conduct data triage of anomalous events collected by approved User Activity Monitoring (UAM), Data Loss Prevention (DLP) and other client network and endpoint monitoring tools
• Elevate and investigate anomalous events of concern within the boundaries of agency policies
• Monitor all types of network activity using the agency provided UAM and User Behavior Analytics (UBA) tools to identify and report on viable response options
• Provide the initial discovery and analysis of UAM alerts applying intelligence community analytic standards and critical thinking prior to submitting to the Insider Threat Project Lead for the purpose of determining the potential referral decisions/actions
• Provide timely notification to designated personnel if a potential insider anomaly is detected. Draft comprehensive analytical and investigative reports and referrals that highlight activity or behavior that may be indicative of an insider threat/risk to SSA
• Process Insider Threat UAM alerts and preserve the activity logs for potential future investigational viability and/or operational capability, ensuring the availability, compliance with data privacy and security regulations, while preserving the privacy and civil liberties of the SSA workforce
• Perform after action reviews of past system alerts, to determine scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable development of future remediation and mitigation efforts
• Collaborate with and provide expert technical support to the agency Security Operations Center defense technicians to resolve insider threat incidents and provide recommendations to address and assist with resolution of any issues identified

Preferred Qualifications

• Ability to obtain certifications in ForcePoint policy writing, extensive scripting experience, Network Analysis, Microsoft Desktop Administrator, or equivalent certifications
• Security+CE, CCNA Security, CySA+, GICSP, GSEC, CND or SSCP

Benefits

• Competitive Paid Time Off
• Medical, Dental and Vision Insurance
• Identity Theft Protection
• Legal Resources Coverage
• 401(k) with company matching with NO vesting period
• ITC Health benefits have a $0 premium for certain plans for eligible employees
• Education reimbursement for certifications, degrees, or professional development
• Virtual events and charity galas/events