This job has expired and you can't apply for it anymore. Start a new search.
TIAA logo
Company Name:
Approximate Salary:
Not Specified
Charlotte, North Carolina
United States
Position type:
Experience level:
Education level:

Sr Insider Threat Cyber Analyst - Veterans Welcome

Job DescriptionCOMPANY OVERVIEW: As long as there are people who make the world a better place, we'll keep making a difference for them. Since 1918, it has been TIAA's mission to serve those who serve others. It is this mission and the values we embrace that make us a different kind of financial services organization. When you work here at TIAA, you're not just in it for yourself. You are part of something bigger. A collective mission to make a difference - a collective mission we make our own. To be difference makers. For more information about TIAA, visit our website. POSITION SUMMARY: The Senior Insider Threat Cyber Analyst within the Cyber Investigations organization will report into the Manager of the Insider Threat Unit. This person will support the establishment and execution of the insider threat program, including utilization of forensic and data mining tools to collect, search, recover, and organize electronic information in all phases of an investigations related to litigation, employee investigations, incident response and cyber security events. They will conduct user activity and network monitoring based on the results of data analysis, or specific inquiries from stakeholders including Human Resources, Internal Audit and other investigative partners. The Analyst must be able to identify potential data leaks and determine if information constitutes a violation any TIAA policies related to Personal Identifiable Information (PII) or Intellectual Property (IP). Evaluate user activity to determine if the activity is within the user's day to day responsibility or potentially an abuse of privilege or unauthorized. KEY RESPONSIBILITIES AND DUTIES: Further the design and maturation of TIAA's Insider Threat program Develop and deliver stakeholder presentations which further the awareness and understanding of the insider threat program and capabilities Propose and execute program initiatives, and collaborate with key stakeholders to create business value Receive, evaluate and initiate the processing of cyber forensic investigations Search and seizure of physical and logical evidence Imaging of hard disk drives and other digital storage media Digital forensic examination and analysis Recovery of deleted files and folders, internet history, deleted emails, identification of attached devices, analysis of event logs and proxy logs Network packet capture and analysis User activity monitoring Develop strategies to improve the efficiency and consistency of service delivery Provision of report and statements in clear unambiguous language Maintain a strong focus on case logs, repeatability and chain of custody Identification of root cause in partnership with peer groups on remediation of control gaps/failures Interact with and lead discussions with executives across different functions and lines of business Maintain an awareness of industry challenges and advancements in order to add value to existing technologies and processes used within the team Mentor junior analysts Potential travel (occasional) related to investigative needs.QUALIFICATIONS:Required Skills: Bachelor's degree or equivalent combination of 8 years' experience and education/certifications Minimum 4-7 years of overall experience in Cybersecurity Minimum 3 years' experience working with enterprise solutions for searching, monitoring, and analyzing machine-generated big data or similar SIEM tools (ie. Splunk, ArcSight, LogRhythm, FireEye, CrowdStrike) Possess one or more of the following certifications: CFCE, CCE, EnCE, ACE, GCFA, CISSP, CFE or similar IT security certifications Desired Skills (Preferred, not required): Strong knowledge of User Behavior Analytical concepts and products 3-5+ years in computer forensic investigations Insider Threat program experience as a focus area within Cybersecurity Working knowledge of Data Loss Prevention controls (e.g. Symantec, McAfee, Websense) Proven ability to self-direct project outcomes, with minimal supervision, to achieve program goals. Working knowledge of conducting a forensics investigation Hands on experience with an Incident Management Tool (RSA Archer, ServiceNow) Hands on experience with user activity monitoring tools such as ObserveIT, Veriato 360 or similar product Experience with databases, SQL, and data visualization tools Experience with Windows, MacOS, Linux, iOS Ability to build consensus and cooperation as well as the ability to interact, influence, and negotiate with leadership within the firm. Ability to navigate and work effectively across a complex organization. Experience in financial services including Retirements, Retail/Commercial banking, or another other financial institution line of business (Brokerage, Insurance, or Asset Management) Good understanding of data privacy laws and experience interacting with Legal and Compliance professionals Equal Employment Opportunity is not just the law, it's our commitment. Read more about the Equal Employment Opportunity Law.If you need assistance applying due to being visually or hearing impaired, please email Careers Help.This organization is an equal employment opportunity (EEO) employer, dedicated to maintaining a work environment free of bias, harassment, discrimination and retaliation. As an EEO employer, this organization expressly prohibits discrimination, harassment, and retaliation on the basis of race, creed, ethnicity, color, age, religion, sex, sex stereotype, pregnancy (including childbirth, breastfeeding or related medical conditions where applicable), sexual orientation, gender, gender identity, gender expression, transgender, marital status, national origin, ancestry, physical or mental disability, requesting a reasonable accommodation based on mental or physical disability, medical condition (as defined by applicable law), genetic history and information, citizenship status, military or veteran status, or any other status protected by federal, state, or local law or ordinance or regulation (collectively referred to here as \"protected characteristics\").* 2016 Teachers Insurance and Annuity Association of America (TIAA), 730 Third Avenue, New York, NY 10017C23921
Associated topics: active sci clearance, active ts sci, artillery, counterintelligence, department of homeland security, northrop grumman, rocket fire direction specialist, security, threat, ts

More Jobs Like This