PeopleTec Insider Threat Analyst (#899054) in Colorado Springs, Colorado

PeopleTec is currently seeking an Insider Threat Analyst to support our Colorado Springs, CO location.

PeopleTec is currently seeking an experienced, talented Insider Threat Analyst with an active Top Secret clearance who is currently SCI eligible. The ideal candidate will have a solid understanding of incident response, insider threat investigations, forensics, cyber threats and information security. Additionally, the ideal candidate is familiar with insider threat monitoring software, host-based forensic tools, intrusion detection systems, intrusion analysis functions, security information event management (SIEM) platforms, endpoint threat detection tools, and security operations ticket management, and has the ability to help create insider threat focused dashboards, reports and workflow diagrams.

The selected candidate will conduct advanced security event analytics, insider threat monitoring, log analysis, host-based forensics (as required), incident response, and case management. The analyst will gather, integrate, review, assess, and respond to information derived from all-source indicators to include system information, counterintelligence, cybersecurity, contractor/civilian/military personnel management, anti-terrorism risk management, law enforcement, and any specifically tasked monitoring as directed.
Strong written and verbal communications skills are a MUST.

Required Skills/Experience:
Must have experience as an all source analyst supporting tactical and/or strategic levels.
Must have Subject Matter Expert (SME) experience in the following areas: Insider Threat, User Activity Monitoring, Counterintelligence, Personnel Securi
Strong analytical and technical skills in Computer Network Defense Operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.
The ability to conduct technical analyses of user activity data and alerts to identify reliable indicators of insider threats.
Previous hands-on experience with a Security Information and Event Monitoring (SIEM) platform and log management systems that perform log collection, analysis, correlation, and alerting.
Work with Threat Intelligence team members to refine alerts based on triage results and current events (as allowed).
Experience with Cyber Security, Insider Threat, and Policy Violation Investigations, and conducting supporting investigations.
Conduct threat analysis, provide assessments of threats and vulnerabilities, produce investigative leads, uncover policy violations, assess risk posed by trusted insiders, and oversee the data collection effort on subject networks using provided tools.
Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts.
Conduct data analysis of insider threat auditing and monitoring software systems to detect, identify and refer threats to the appropriate entities, including reviews of Intelligence Information Reports (IIRs) and other sources providing related information gathering for a centralized analysis, reporting, and response capability.
Provide input to leadership when vulnerabilities are identified.
Ability to work on-call during critical incidents or to support coverage requirements (including weekends and holidays when required).
Proficiency in report writing (a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting), excellent verbal and written communications skills, and the ability to produce clear and thorough security incident reports and briefings.
Travel: 5% (or less)
Must be a U.S. Citizen
An active DoD Top Secret/SCI (or Top Secret with SCI eligibility) clearance is required to perform this work. Candidates are required to have an active Top Secret/SCI (or Top Secret with SCI eligibility) clearance upon hire, and the ability to maintain this level of clearance during their employme

Education Requirements:
S