Junior Insider Threat Analyst

When you join Verizon

Verizon is one of the world's leading providers of technology and communications services, transforming the way we connect across the globe. We're a diverse network of people driven by our shared ambition to shape a better future. Here, we have the ability to learn and grow at the speed of technology, and the space to create within every role. Together, we are moving the world forward - and you can too. Dream it. Build it. Do it here.

What you'll be doing...

Verizon is looking for an innovative and driven analyst to support the insider threat program. This role is responsible for supporting a 24x7x365 geographically dispersed team who detects, analyzes, and responds to suspicious activities and potential insider threats. In this role, you will be responsible for maturing and enhancing our existing insider threat defense capabilities by collaborating on efforts to design and implement improved processes and technologies within Verizon's unique security landscape. You will work closely with key cross-functional stakeholders to develop a program tailored to utilizing proactive and mitigating measures to detect and respond to potential threats to Verizon's infrastructure, employees, and intellectual property.

This role is a part of Verizon Cyber Defense's Insider Threat Operations (ITO) team under the Chief Information Security Office (CISO). The mission of the ITO team is to protect Verizon by preventing, detecting, and investigating all insider threats by malicious or negligent employees, contractors and vendors with minimal disruption to the line of business.

• Supporting the day-to-day operations for insider threat investigations by performing insider threat examinations and ensuring the case management and alert development life cycles are followed or adjusted when necessary.
• Conducting continuous enterprise-wide insider threat monitoring with ability to review end user activity and identify threats from SEIM dashboards and tool consoles.
• Performing accurate and complete investigations and ensuring tasks like case follow up, lessons learned, and case studies are conducted and socialized with appropriate stakeholders.
• Reacting well under pressure when gathering and conducting in-depth analysis and examination on any supporting evidence or artifacts.
• Exercising discretion and professionalism when conducting user-based analysis.
• Following and maintain documentation, which provide a visual depiction of various insider threat operations workflows to support an innovative program and bolster overall security practices.
• Prioritizing and communicate project statuses accurately and within required timeframes.
• Assisting with the development of global insider threat use cases surrounding data exfiltration, internal fraud, privilege escalations, as well as IT sabotage for desktops, laptops, servers, mobile, virtual and multi-cloud environments.
• Researching industry trends and best practices in order to ensure alerting and case management processes are evolving with the cybersecurity field.
• Promoting an environment of collaboration and individual accountability when it comes to problem-solving, decision-making, and process improvement.

Where you'll be working...

In this remote role, you'll work from home with occasional in-person trainings and meetings.

What we're looking for...

You'll need to have:

• Bachelor's degree or one or more years of work experience.
• One or more years of experience in writing security reports for insider threat investigations.

Even better if you have one or more of the following:

• Experience in implementation of cybersecurity, network defense, and investigative frameworks (such as NIST CSF, ISO 27000 series, MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, etc.) into network defense processes.
• Knowledge of SOC or similar environment methodology, including threat monitoring, intrusion detection, analysis, threat determination, incident handling and remediation tracking.
• Experience in defending against insider threats by leveraging tools like UEBA and DLP.
• Experience in interpreting data from network security tools and infrastructure technologies such as SIEM, firewall, proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.
• Knowledge of the cyber threat landscape, including types of adversaries, campaigns, and the motivations that drive them.
• Experience in working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.
• Experience in integrating subject profiling and criminal examination best practices into investigative procedures to supplement technical evidence.
• Understanding of system development life cycle (waterfall & agile) experience.
• Certifications like: CERT's ITPM, Network+, Security+, CISSP, CFE, and/or Six Sigma Greenbelt or Lean certification.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

22CyberOPS

Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our page to learn more.