Job Description

Insider Threat Program Hunt Team Analyst (w/ active TS/SCI)

Location: Springfield, VA
Clearance: Top-Secret/SCI
Type: Full-time, Onsite

Critical Solutions is seeking an Insider Threat Program Hunt Team Analyst to support our federal customer.

This is an exciting opportunity to use your experience to support, sustain, design and evolve the database backbone of the Insider Threat Program (ITP). The ITP mission is to identify insider threats to the department by utilizing advanced analytics, monitoring, and data correlation which in turn help address and eliminate potential threat actors from compromising the Agency's mission in safeguarding the nation.

PRIMARY ROLES AND RESPONSIBILITIES:

• Examine, analyze, and search insider threat data to identify trends, patterns, and insights of potential insider threat indicators.
• Provide analytical, program support services related to the operation of UAM/ UEBA tool.
• Monitor UAM platform to identify emerging requirements related to insider threat events and coordinate across the enterprise to ensure timely response.
• Conduct further research on the UAM platform to identify patterns of concerning behavior related to a potential insider threat risk to the Agency enterprise.
• Provide proactive insider threat-based hunting across the Agency enterprise network, leveraging methodologies and behavioral analytics to detect, investigate, and mitigate anomalous activity and policy violations indicative of malicious insider behavior.
• Conduct continuous hunt operations across data and log sources, Agency platforms, EDR tools, and network traffic to identify patterns of insider threat behavior.
• Identify mitigation strategies to assist the investigative team in effectively reducing insider threat risk.
• Utilize UEBA (User and Entity Behavior Analytics) platforms and techniques to baseline user activity and detect deviations.
• Provide timely response to critical/high UAM alerts (within 4 hours during normal business hours).

BASIC QUALIFICATIONS:

• Active Top Secret/SCI or SCI eligible.
• Bachelors degree and (8)+ years of prior relevant insider threat experience or Masters with (6)+ years of prior relevant experience. Additional years of experience with requisite certifications will be considered in leu of degree.
• Minimum of 4 years demonstrated knowledge of the intelligence cycle, analytic techniques, systems, processes, and organizations.
• Minimum of 4 years demonstrated knowledge of Threat Assessment & Mitigation Strategies.
• Have excellent written and verbal skills with ability to deliver briefings to a diverse group of audiences.
• Possess knowledge of current domestic and international threats to U.S. national security interests.
• Be adept at establishing networks with relevant security, personnel, and prevention stakeholders to foster program utilization.
• Be a self-starter capable of working independently to promote program goals.
• Working knowledge of User Activity Monitoring Software (UAM) and solutions.
• Working knowledge of Cybersecurity toolsets designed to support ITP mission activities.
• Working Knowledge of Open-Source toolsets.
• Working Knowledge of Insider Threat Frameworks; Pathway to Violence & Critical Pathway.
• Current TS/SCI and Must be a US Citizen.
• Ability to obtain Agency EOD SCI and willingness to undergo CI Polygraph.

PREFERRED QUALIFICATIONS:

• Master's degree from an accredited college or university in Criminal Justice, Homeland security, Cyber Security, or related field
• Proven experience (10+ years) in Intelligence Analysis
• Experience with User Activity Monitoring products and platforms
• Proven experience (4+ years) in Threat Assessment & Mitigation
• Certified Counter-Insider Threat Professional - Fundamentals (CCITP-F)
• Certified Counter-Insider Threat Professional - Analysis (CCITP-A)
• Completion of Center for Development of Security Excellence (CDSE) Insider Threat Detection Analysis Course (ITDAC)
• Completion of Workplace Assessment of Violence Risk (WAVR-21) Workshop
• Completion of Center for Development of Security Excellence (CDSE) Curriculums; INT311.CU/INT312.CU/CI201.CU

ADDITIONAL INFORMATION:

CLEARANCE REQUIREMENT: Must possess an active DoD Top Secret Clearance In addition, selected candidate must undergo background investigation (BI) and finger printing by the federal agency and successfully pass the preceding to qualify for the position. US CITIZENSHIP IS REQUIRED.

CRITICAL SOLUTIONS PAY AND BENEFITS:

Salary range $- $. The salary range for this position represent the typical salary range for this job level and this does not guarantee a specific salary. Compensation is based upon multiple factors such as responsibilities of the job, education, experience, knowledge, skills, certifications, and other requirements.

BENEFIT SNAPSHOT: 100% premium coverage for Medical, Dental, Vision, and Life Insurance, Supplemental Insurance, 401K matching, Flexible Time Off (PTO/Holidays), Higher Education/Training Reimbursement, and more.