Full-Time Insider Threat & DLP Analyst

NBCUniversal's Cyber Defense Operations team supports the layered defense of tools and capabilities. The Insider Threat and DLP Analyst protects critical assets from internal threats and reduces risk. This role is a subject matter expert (SME) in data loss prevention and insider threat escalation.

Reports to: Sr Director of Cyber Investigation and Insider Threat

Responsibilities:

• Perform sensitive investigations (digital forensic analysis, employee misconduct, IP theft, etc.)
• Proactively identify, disrupt, and protect from internal threats
• Work with HR, legal, and compliance teams on insider threat incidents
• Monitor user activity for potential insider threats
• Investigate suspicious activities
• Triage and analyze DLP alerts
• Contribute to DLP policies, rules, and best practices
• Integrate DLP controls with other security measures
• Provide on-call response
• Conduct forensic analysis of physical devices and data
• Provide subject matter guidance to incident response and other teams
• Drive continuous improvement
• Utilize data sources and tools for digital evidence collection
• Develop behavior anomaly capabilities
• Stay updated on insider threat tactics and best practices
• Assist leadership with performance metrics and obstacles

Basic Requirements:

• 4+ years experience in computer forensics, investigations, or information security
• Working knowledge and experience with DLP and Insider Threat best practices
• Expertise in confidential investigations
• Experience with forensic technologies (EnCase, FTK, AXIOM, Cellebrite)
• Experience with emerging cloud technologies
• Understanding of internal and external data movement/exfiltration
• Understanding of enterprise email systems (Office 365, MS Exchange)
• Experience in DLP/Insider Threat Investigations
• Experience with enterprise SIEM and DLP tools (Splunk, DataDog, LogRhythm, EDR/UEBA)
• Bachelor's degree in Computer Science, Information Systems, etc.

Desired Characteristics:

• Self-starter with a sense of urgency
• Strong communication (technical and non-technical)
• Strong analytical ability, attention to detail, problem-solving skills
• Strong organizational skills
• Integrity and discretion
• GIAC Certified Forensic Analyst - GCFAGIAC Certified Forensic Examiner - GCFECertified Forensic Computer Examiner - CFCECertified Information Systems Security Professional - CISSP

Additional Requirements:

• Fully Remote
• Company sponsored benefits

Salary Range: $100,000 - $130,000

Hiring Process: In-person interviews may be required.

What is the last date for applying to the job?

Which countries are accepted for this remote job?