Technical Insider Threat Analyst

PKH Enterprises is seeking qualified individuals to support both government and private-sector clients in the development and implementation of insider threat and asset protection programs. Qualified candidates must have a strong working knowledge of insider threat program elements, digital forensics, governance models and overall program management support operations.

Responsibilities:
• Use industry standard digital forensic utilities (standalone & enterprise) to perform collections and analyses of mobile devices and digital media in support of Insider Threat investigations.
• Properly preserve evidence, maintain chain of custody and produce forensic reports.
• Effectively communicate analysis results to stakeholders to include technical staff and leadership.
• Install, maintain, and recommend forensic hardware and software within a forensic lab environment while following established configuration management processes.
• Research and develop scripts, methods or indicators to enhance forensic processes for identifying insider threat activity.
• Use SIEM utilities to identify potential insider threat activity.
• Assist with evaluation of existing insider threat program elements.
• Assist with development of Standard Operating Procedures, workflows, process guides and playbooks.
• Assist with evaluating and recommending technical and non-technical solutions to detect and respond to potential insider threats.
• Assist with evaluating and establishing program elements to support insider threat prevention, detection and response.
• Assist in developing strategies for protecting critical assets.
• Provide support in developing business cases, resource planning, budget justifications and other documents in support of client insider threat programs.
• Assist with developing and operationalizing program performance metrics and reporting mechanisms in support of client insider threat programs.
• Evaluate technical products for their use in Insider Threat Programs and define specific program implementation use cases.
• Understand technology implementation to improve operating capability to support program maturity.
• Flexible and adaptable self-starter with strong relationship building skills.
• Strong problem-solving skills and qualitative reasoning in high pressure situations.
• Ability to independently prioritize and complete multiple tasks with minimal or no supervision.

Minimum Qualifications:
• Bachelor's degree or equivalent
• 5 years of experience in federal program support or related experience
• 5 years of combined professional experience performing insider threat analysis and digital media forensic analysis with industry standard commercial and open-source tools in Federal Government, DOD or Law Enforcement.
• Familiarity with SIEM platforms.
• Familiarity with using case management systems.
• Familiarity with User Activity Monitoring (UAM) tools.
• Active Top Secret Clearance required.

Preferred Qualifications:
• 5-10 years of professional experience in relevant fields including digital forensics, IT security, and investigations.
• At least one of the following recognized digital forensics certifications (EnCE, ACE, CCE, GCFA, GCFE)
• Working knowledge of User Activity Monitoring (UAM) tools.
• Strong working knowledge of SIEM utilities.
Date Posted: 09 May 2025