HiringCafe
Posted 2d ago

Insider Threat Analyst

@ Charles Schwab
View All Jobs
Orlando or Phoenix
$98k-$106k/yrHybridFull Time
Responsibilities:analyze data, develop rules, coordinate incidents
Requirements Summary:Experience in cybersecurity, threat analysis, and data-driven decision making; familiar with SIEM/UEBA/EDR/DLP; strong communication and analytical skills.
Technical Tools Mentioned:SIEM, UEBA, EDR, DLP, SQL
Save
Mark Applied
Hide Job
Report & Hide
Job Description

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

 

We are expanding our Insider Threat Operations Team. This role supports and analyzes threat detection for the Cybersecurity Defense Insider Threat program.

 

This resource will work with a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology. This resource will also utilize understanding of Insider Threat principles to identify trends and patterns which can assist in the development of new detection rules and models.

 

The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 4 or more days per week and the flexibility to work outside the office location for the other day.

 

What you have:

 

You are discreet, thoughtful, and seek to coordinate systemic, cross functional solutions to mitigate risk. You are adept at translating complex problems into ‘byte-sized’, readily implemented (and preferably automated) solutions. You are familiar with Insider Threat technologies (such as Security Information Event Management - SIEM, User Entity Behavioral Analytics - UEBA, Endpoint Detection and Response - EDR, Data Loss Prevention - DLP) and have an understanding of investigations and/or the intelligence cycle.

Required qualifications:

  • Understanding of computer networking concepts, communication protocols, primary threat actor attack methods and tools
  • Competent in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results, and analyzing findings to provide viable threat intelligence
  • Ability to understand and learn technical specifications, system requirements and other application design information as needed
  • Detail-oriented person who is passionate about quality and is enthusiastic about innovative technology offerings
  • Strong verbal and written communication skills and you are comfortable composing briefs and assessments for leadership
  • Familiar with analytical programming languages such as SQL
  • Ability to thrive in ambiguity and rapid change
  • Comfortable with process flow diagrams
  • Familiar with applying Agile Methods
  • Basic understanding of a variety of security and compliance policies and incident response processes
  • Experience monitoring and analyzing Data Loss Prevention (DLP) and Database Activity Monitoring (DAM) incidents to ensure compliance with company policies
  • Ability to exercise sound judgment when determining which events require follow-up response or escalation
  • Comfortable working with internal customers to respond to escalations
  • Maintaining incident documentation, analyzing incident trends
  • Experience maintaining and generating audit evidence for internal and external regulatory compliance
  • Ability to function as a technical conduit between IT and the business

 

Preferred qualifications:

  • 4 - 7 years related experience including developing requirements, designing, and executing test cases in insider threat and data loss prevention
  • Bachelor’s degree in computer science or related field