What does a successful Cyber Security Insider Threat Senior Analyst do at Fiserv?
You will provide application oversight, analysis, tuning, and policy and rule management for the Insider Threat UEBA platform, identify use-cases, and integrate data sources to identify insider risk activity.
You will also perform deep analysis of large data sets and trends, identify tuning, monitoring and control opportunities, and partner with other Cyber Stakeholders to improve the security posture of the firm as it relates to insider risk and aid in maturing the Enterprise Insider Threat Program.
What you will do:
- Provide oversight of the Insider Threat UEBA application including rule-tuning, analysis, custom policy creation and related metrics & analytics
- Partner with Cyber Engineering on the management and maintenance of the system/application as it relates to tuning & rules
- Identify & prioritize use-cases and new detections (and improvements); identify new data sources and correlations
- Partner with detection engineering on playbook automation and enhanced detection
- Reduce false positives while improving the fidelity of alerts, and utilize network monitoring, data analytics, and other tools (UEBA/SIEM/DLP) to identify anomalous activity, initiate investigations and decipher underlying trends
- Perform security reviews, cyber defense trend analysis and open-source research, partnering with Threat Intelligence on emerging risks
- Develop and maintain ITP performance measures, metrics, trends and risk metric-indicators
What you need to have:
- 5+ years’ experience in Insider Threat UEBA platforms, Machine Learning/Risk Score methodologies/concepts, SIEM, SOAR, Case Management
- 3+ years’ experience in EDR, NDR, DLP, CASB solutions and in conducting trend analysis
- 2+ years’ experience in security principles on identity & access management, network security, endpoint security, vulnerability management and Application Security
- 2+ years’ experience in collecting data from a variety of cyber defense resources, with the ability to interpret the information collected to recognize threats, and in incident response/handling methodologies, computer networking protocols, and network security methodologies
- 1+ years’ experience in global data protection privacy regulations
- Bachelor’s degree or an equivalent combination of education, work, and military experience along with active C6 security clearance or ability to obtain one post-hire
What would be great to have:
- 2+ years’ experience in technical investigations, HUMINT, Counter-Intelligence, and/or law enforcement, and training and/or experience with financial crimes
- 2+ years’ experience in data science and analytics solutions applicable to the insider threat detection space
- 1+ years’ experience in programming, scripting and query languages such as Python, bash, SQL
- Certifications such as CMU CERT ITPM/ITVA, CCITP, CISM, CDPSE or similar
R-10343395