IT Security - Fusion Center Team Lead

  • MPN Diversity Recruiters
  • Atlanta, GA, USA
Full Time, Consultant, Engineering, Information Technology, Internet, Software Development

Job Description

Employer: Client Confidential (Fortune 500) c/o MPN Diversity Recruiters

Job Type: Full-Time, Direct Hire by Client

Job Location: Atlanta, GA

POSITION SUMMARY:

A leading U.S. energy company seeks an IT security professional to join an Insider Threat Fusion Center in a technical leadership role. The candidate will directly support the company’s efforts to address real and potential insider threats to the company’s facilities, personnel, technology, operations, and brand. The selected candidate will serve as the Fusion Center Team Lead charged with: 1) managing the analytical work of the team, 2) advancing technical capabilities, and 3) coordinating programmatic elements with other company stakeholders.  

The Team Lead will leverage his/her background in leading others, managing technology/cybersecurity projects, program management, and cyber-physical threat analysis to identify and track potential insider threat activity, primarily using digital data sources. The successful applicant should have a demonstrable track record of successfully teaming with other organizational components to identify and mitigate risk in both the technology and human domains. The Team Lead will deliver clear and concise assessments, briefings, and reports to partners and executive leadership. The Team Lead will also need to understand operational risks at the corporate level and develop relationships across the company that will support coordinated response strategies based on the company’s Insider Threat Mitigation Program plan. The position will report to the Manager of Advanced Threat Hunting and Deterrence within the Threat Management and Intelligence Department.  

RESPONSIBILITIES: 

  • Spend about 50% of his/her time leading the Fusion Center Team in performing threat analysis, documenting and presenting findings, and improving existing methodologies for technical threat assessment
  • Spend about 50% of his/her time managing the programmatic aspects of the Fusion Center, including IT projects to create new capabilities
  • Lead the day-to-day operations of the Insider Threat Fusion Center
  • Lead the deployment of innovative data correlation tools and practices
  • Lead efforts to monitor and track activity that crosses risk thresholds and conduct inquiry to classify activity for further investigation and resolution
  • Understand and utilize relevant data sets, analytic techniques, and visualization tools to assimilate and interpret sources from across the company and identify potential insider threat behavior
  • Compare analytic results against known tactics, techniques and procedures historically associated with advanced insider threats
  • Communicate alerts on potential insider activity to cross-functional teams
  • Coordinate with working-level representatives to the Fusion Center from key organizations such as human resources, general counsel, compliance, etc. for information sharing, situational awareness, and determination of responsive action on insider threats
  • Lead the implementation of workflows for insider threat evaluations
  • Lead the production of defined-scope threat assessments to assist in mitigating identified insider vulnerabilities
  • Manage data loss prevention (DLP) capabilities to mitigate corporate risk
  • Provide operational and programmatic briefings to management
  • Support definition, monitoring, and reporting of effectiveness metrics on an ongoing basis

REQUIREMENTS:  

Minimum

  • BA/BS in computer science, technology, engineering or security-related field or equivalent experience
  • Minimum of five (5) years of relevant professional security experience, or three (3) years with a Master’s degree
  • Independent thinker with strong analytical and problem-solving skills
  • Prior team leadership in a technology environment
  • Experience leading the enterprise deployment of new analytic tools in an IT environment
  • Understanding of best practices for detecting and classifying insider threats
  • Familiarity with behaviors and indicators, both physical and information systems-related, associated with insider threats
  • Demonstrated expertise using multiple analytic methodologies, programs, and tools in support of cyber and human threat analysis

Preferred Qualifications

  • Experience in a security operations center environment
  • Experience communicating with senior stakeholders inside and outside the company
  • Insider Threat or Information Security certification such as ITPM or CISSP
  • Familiarity with insider threat-focused tool sets
  • Knowledge of best practices for tuning cybersecurity technologies to maximize probability of insider threat detection while minimizing false positives
  • Experience using DLP and User Behavioral Analytics (UBA) tools
  • Familiarity with global threats to the energy sector

How to Apply

***Qualified candidates only***

Hiring Company is a Fortune 500 equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Education Requirements

Bachelor's Degree

Requisition Number

2007694