Full-Time Insider Threat & DLP Analyst

NBCUniversal's Cyber Defense Operations team supports the Threat Operations lifecycle in a highly collaborative, fast-paced, and agile fashion. The Insider Threat and DLP Analyst protects critical assets from internal threats and reduces risk. This position acts as a subject matter expert in data loss prevention and insider threat escalation.

Responsibilities:

• Perform highly sensitive investigations (digital forensics), involving internal risks (misconduct, theft, misuse, harassment).
• Proactively identify, disrupt, and protect NBCU from internal threats.
• Collaborate with HR, legal, and compliance teams.
• Monitor user activity to detect insider threats.
• Investigate suspicious activities.
• Triage and analyze DLP alerts.
• Contribute to DLP policies and best practices.
• Integrate DLP controls with other security measures.
• Provide on-call response (major events).
• Conduct forensic analysis of physical devices and electronic data.
• Provide subject matter guidance to incident response teams.
• Drive continuous improvement across the Insider Threat team.
• Utilize data sources and tools to collect/analyze digital evidence.
• Develop behavior anomaly capabilities.
• Maintain awareness of insider threat tactics and industry best practices.
• Assist team leadership with metrics and obstacles.

Basic Requirements:

• Minimum 4 years' experience in computer forensics, investigations, or similar security discipline.
• Working knowledge of current DLP and Insider Threat best practices.
• Expertise in handling confidential investigations.
• Experience with forensic technologies (EnCase, FTK, AXIOM, Cellebrite).
• Experience with cloud technology services and data security considerations.
• Understanding of data movement and exfiltration.
• Understanding of enterprise email systems (Office 365, MS Exchange).
• Experience in DLP/Insider Threat Investigations.
• Experience with enterprise SIEM and/or DLP tools (Splunk, DataDog, LogRhythm, EDR/UEBA).
• Bachelor's degree in relevant field (Computer Science, Information Systems, etc.).

Desired Characteristics:

• Self-starter, ownership, urgency.
• Independent/collaborative work style.
• Clear communication (technical and non-technical).
• Strong analytical, attention-to-detail, problem-solving, and consultative skills.
• Strong organizational skills.
• Integrity and discretion.

Certifications (desired):

• GIAC Certified Forensic Analyst (GCFAG)
• GIAC Certified Forensic Examiner (GCFE)
• Certified Forensic Computer Examiner (CFCE)
• Certified Information Systems Security Professional (CISSP)

Additional Requirements:

• Fully remote position.
• Occasional travel (less than 10%).

Salary range: $100,000 - $130,000

What is the last date for applying to the job?

Which countries are accepted for this remote job?