Insider Threat Analyst

December 13

Apply Now

Receive Emails with Similar Jobs

RTX

WebsiteLinkedInAll Job Openings

Advanced sensors • aerospace • aerostructures • avionics • air and missile defense systems

10,000+ employees

Founded 2020

🚀 Aerospace

Description

• Perform log analysis to detect anomalies, leveraging expertise in security operations tools to monitor and safeguard sensitive data. • Utilize behavioral analytics and endpoint security solutions to identify and investigate unusual patterns. • Monitor potential data exfiltration points using data loss prevention tools and other security solutions to detect and prevent unauthorized transfers. • Apply Open-Source Intelligence (OSINT) techniques to gather and analyze publicly available information related to insider threats. • Identify insider threat trends and patterns to assist content teams in the development of new detection rules and models. • Articulate the implications of the risks relative to insider threats and educate team members, peers and stakeholders on the potential impacts. • Review data, alerts and behaviors to identify potential concerns from multiple angles, gather information and understand and articulate information gaps needed to inform decisions. • Work independently and with teams to define and complete analysis activities. • Document findings in a manner that technical and non-technical stakeholders understand and can articulate findings to leadership and peers. • Perform initial analysis on data from systems to identify unexpected or malicious activity across channels while understanding how activity fits into the threat landscape. • Assist in building processes, procedures and training for the insider threat team. • Collaborate with stakeholders to provide suggestions and feedback for validation and improvement of various tools, models, and processes. • Stay updated on the latest developments and trends in insider threats, emerging and/or advanced persistent attack vectors, and industry best practices, incorporating this knowledge into RTX’s defense strategies.

Requirements

• Typically requires a University Degree or equivalent experience and a minimum 5 years of experience, or an Advanced Degree and a minimum 3 year’s experience. • Minimum 5 years supporting a cyber insider threat program and/or a cyber incident response team, including at least 3 years with cybersecurity tools and technologies used to detect and mitigate insider threats, including, but not limited to security information and event monitoring (SIEM), user entity and behavior analytics (UEBA), user activity monitoring (UAM), data loss prevention (DLP) technologies and endpoint security solutions. • The ability to obtain and maintain a U.S. government issued security clearance is required.

Benefits

• Parental (including paternal) leave • Flexible work schedules • Achievement awards • Educational assistance • Child/adult backup care