Insider Threat (Delivery Center- Remote)

risks

• Implement federal government and industry standards and best practices regarding insider threat programs, including development and maintenance of programmatic gap analyses and implementation roadmaps

• Assist in the creation of a Gap Analysis on current tools used for the Insider Threat program and make recommendations on industry best practices

• Conduct day-to-day analysis of complex and technical data sources to identify actions, behaviors, or incidents that may be indicative of risky activity or an insider threat/risk.

• Develop and maintain a convergence model for insider threat mitigation that reduces risk to client's personnel and assets, both overall and within the client's regional operating divisions

• Develop and improve insider threat modeling that leverages Security Information and Event Management (SIEM), User Behavior Analytics (UBA), Data Loss Prevention (DLP), User Activity Monitoring (UAM), and automated solutions in place.

• Assist in the oversight of the implementation, tuning, and maturation of User Activity Monitoring (UAM).

• Routinely brief program leadership and key stakeholders regarding insider threat inquiries, case development, and key findings leading to successful incident mitigation.

• Leverage industry-leading interpersonal skills to coordinate with client's business and technology leaders to develop and maintain programmatic solutions to insider threats.

• Lead and assist in the investigation of all incidents involving insider threats.

The team

Deloitte's Government and Public Services (GPS) practice - our people, ideas, technology and outcomes-is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of more than 15,000 professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.

At Deloitte, we believe cyber is about starting things-not stopping them-and enabling the freedom to create a more secure future. Cyber Strategy, Defense and Response (SDR) focuses on helping federal clients design and implement transformational enterprise security programs with an emphasis on defending against, recovering from, and mitigating major cyberattacks. If you're seeking a career that increases cyber awareness, utilizes risk management programs, and develops strategies for cyber defense and response, then the Cyber SDR offering at Deloitte is for you.

Qualifications

Required:

• Bachelor's degree required.
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
• Must be able to obtain and maintain the required clearance for this role.
• Ability to travel 15%, on average, based on the work you do and the clientsandindustries/sectorsyou serve
• 4+ years of investigations or intelligence work experience involving insider threat investigations, technical investigations, financial fraud investigations, and/or counterintelligence.
• 1+ years of experience in a leadership role
• 3+ years of experience with common Insider Threat tools (SIEM, UEBA, DLP, etc.)
• 2+ years of experience directly supporting an Insider Threat program
• Technical UEBA experience is required. Proficiency with tools such as Splunk (UBA, ES and SOAR), Tanium, Trelix DLP, Microsoft Defender ATP, and Microsoft Azure Security & Compliance Center