Usability Engineer for Security Investigations (BC)
Job Location: Jersey City, N.J.
Major Financial Firm
NO REMOTE WORK AND NO RELOCATION ASSISTANCE
MUST BE A US CITIZEN OR GREEN CARD HOLDER, MUST HAVE BACHELOR’S DEGREE
This position requires the ability to proactively work with others across the Enterprise to develop processes associated with User Behavior Analytics. The Analytics Specialist will collect investigative information, a broad array of log data, and knowledge of endpoint forensics to build and refine the capabilities of our enterprise UBA tool. The Analytics Specialist will be tasked with other forensic activities relevant to User Behavior Analytics. The successful candidate will possess strong technical and interpersonal skills, will provide technical subject matter expertise and will have proven ability to handle multiple high-profile matters and work under pressure with minimal supervision.
Partner with Information Security team to serve as primary investigations-focused data analytics and UBA platform architect. Lead highly sensitive, complex, and confidential investigations into incidents of data loss and intellectual property theft, technology misuse, conflict of interest, and other types of matters. Actively work with partners across numerous cybersecurity and investigative focus areas. Perform real-time incident handling, including forensics collections and intrusion correlations and tracking.
Over 5 years professional experience, including at least two years of insider threat, UBA, or high-tech investigation program experience. Experience configuring and utilizing user and/or entity behavior analytics (UBA/UEBA) platforms. Knowledge of mainstream desktop/server operating systems (UNIX, Windows, OSX, Linux) and file systems (NTFS, exFAT, FAT, HFS/HFS+, APFS, EXT2/3/4). Excellent analytical and problem-solving skills. Excellent written and oral communication skills. Industry-accepted certifications (EnCE, CCE, GCFE, GCFA, GCFN, GCIH, GREM, CFCE, etc.). Bachelor's degree.
Advanced knowledge and experience using Splunk to execute complex search queries and generate reports. Advanced understanding of enterprise networking concepts and protocols. Experience with Data Loss Prevention concepts and tool sets. Experience with analysis of security events from multiple sources including but not limited to events from Security Information Monitoring (SIEM) tools, network and host based intrusion detection systems, firewall logs, system logs (Unix and Windows), mainframes, mid-range, applications, and databases. Advanced understanding of common server, desktop, and mobile operating systems (Windows, OSX, Linux) and corresponding file systems (NTFS, FAT, HFS+, EXT, iOS, Android, etc.). Experience with Microsoft’s Protection Center and the greater Office 365 architecture. Experience with endpoint detection and response software.
Please contact Brian Clark at firstname.lastname@example.org
110K + Bonus
Recruiter LinkedIn Page