Insider Threat Analyst with Security Clearance

IT Concepts Inc

2024-09-21 10:37:00

Job location: Baltimore, Maryland, United States

Job type: full-time

Job industry: I.T. & Communications

Job description

Description

Founded in 2003, IT Concepts' core values - customer-centricity, teamwork, driven to deliver, innovation, and integrity - ensure we work together to be the best, realize objectives, and make a positive impact in our communities. We intentionally created and sustain our ITC culture that embraces change, experimentation, continuous learning, and improvement. We bring our design thinking problem solving approach that challenges assumptions, prioritizes curiosity, and invites complexity to deliver innovative, efficient, and effective solutions. As we continue to grow in the support of our government customers, we are looking for driven and innovative individuals to join our team.

IT Concepts is seeking a highly skilled and experienced Insider Threat Analyst Support to join our team supporting our Federal client Social Security Administration (SSA). The ideal candidate will have a strong background and expertise in Insider Threat and will undertake an agile approach to provide strategic planning support, iterative program improvements, Operations & Maintenance (O&M), and overall programmatic support services for the Office of Information Security (OIS) and its Insider Threat Program Management Officer (PMO). The candidate will collaborate with stakeholders to prioritize data sources for onboarding into risk models and gathering requirements for dashboards to provide a holistic view on operations.

Services include supporting and advising the OIS insider threat PMO in the ongoing development of the insider threat products and program roadmap(s), using analytical methods to understand insider risk patterns and establish models for forecasting insider risk scenarios, and providing services to implement, execute, and maintain necessary activities in support of an OIS-wide counter insider threat program.
The candidate will provide the following services to support and maintain an agency-wide plan and program for insider threat awareness, response consultation, policy enhancement, continuous monitoring, and reporting requirements. During execution of their duties the candidate may be required to deliver and receive sensitive briefings within SSA secured spaces such as the SCIF at SSA or an approved alternate secured location.

Responsibilities

- Support Insider Threat policy and procedure updates for agency, interagency, or federal intelligence community-wide support.
- Assist with the development and implementation of new insider threat alerts to help drive operational maturity and enhance detection and mitigation of events and/or incidents indicative of an insider threat.
- Provide recommendations on new or amended technical indicators for implementation in insider threat detection systems (SIEM, UBA, UAM, etc.) in accordance with approved SSA policies and procedures.
- Identify, implement, and prioritize new potential risk indicators (PRI) into DLP, SIEM, and UBA.
- Collaborate with the insider threat team in the enhancement of enterprise-level Standard Operating Procedures for automation and orchestration.
- Provide cyber intelligence support activities as functions with other OIS intelligence partners such as supply chain and cyber threat analysis units, as analytical functions in collaboration with the SOC, or both.
- Provide technical expertise in cyber and insider adversary capabilities and provide assessments of the intentions of adversary groups to conduct computer network exploitation and computer network attack against U.S. private sector and government networks and information systems.
- Conduct analysis of over 4,000 alerts a month across DLP, UBA, and SIEM.
- Provide monitoring, analysis, and reporting on non-classified cyber activity, trends, and incidents that may often rise to the level of incident threats with the potential to affect the confidentiality, availability, and integrity of the SSA network, which has the potential of posing a national security risk beyond the SSA and to the entire Federal Government enterprise.
- Utilize findings from risk assessments and trend analysis obtained from analysis of network alerts from various sources within the enterprise and determine possible causes of such alerts. Use that analysis to assist in development of mitigation and remediation control measures.
- Prepare and present finalized, professional briefings and comprehensive reports on Insider Threat cases referred to the Insider Threat Program Manager in the Office of Emergency Preparedness (OSEP) and the Chief Forensic Investigator in the Office of the Inspector General (OIG) in accordance with formats established in the OIS Insider Threat SOPs and agency writing guides.
- Collaborate with key stakeholders such as OSEP, UBA, and DLP to identify gaps, areas of growth, and strategic initiatives to further enhance insider threat detection.
- Monitor external data sources (e.g., cyber intelligence vendor sites, NITTF, CISA, ODNI, NCSC) and use trend analysis and reporting to interpret the relevance and significance of information concerning active and potential insider related threats. Analyze the information to determine which security issues may have an impact on the agency. Submit the analysis using written reports with text, charts, and spreadsheets when requested by the PMO for inclusion in the Insider Threat Work Status Reports.

Administrative Responsibilities:

- Provide weekly status report of activities conducted, number of incidents reviewed by type, and any recommendations for any additional alerts, rules, or configurations in the SSA cyber tools used in the commission of this contract.
- Provide updates to the SSA Task Manager regarding contract personnel status, actions that would adversely affect the completion of tasks as outlined in this statement of work.

Requirements

- HS Diploma, or Bachelor's degree in Computer Science, Information Technology, or a related field. Law enforcement/investigations experience preferred with HS Diploma.
- 5+ years of experience in law enforcement and/or investigations.
- 2+ years of experience in cybersecurity and/or insider threat incident response that must include experience in:
  - Data loss/information protection solutions (Splunk, Trellix, Microsoft O365, etc.)
  - Identification of potential insider threat tools, tactics, and procedures (TTPs)
  - Security data analysis from a variety of sources and tools, including contributing to DLP policy/alert creation and maintenance.
- 3+ years of experience using tools such as Splunk and CrowdStrike, etc. and experience in extracting data from these systems to detect potential data leaks and prepare assessments.

Preferred Skills:

- Excellent analytical, problem-solving and presentation skills.
- Effective communication and interpersonal skills, with the ability to interact with stakeholders at all levels.

Clearance Requirements:

- Must be a US Citizen.
- Must be willing and able to get a Public Trust Clearance, as well as Secret.

Benefits

The Company

We believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. With you as our partner, let's solve challenges, think innovatively, and maximize impact. As a valued member of our team, you have the unique opportunity to work in a diverse range of technology and business career paths, all while supporting our nation and delivering innovative technology solutions. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence.
We hold three ISO certifications (27001:2013, 20000-1:2011, 9001:2015) and two CMMI ML 3 ratings (DEV and SVC).

Industry Recognition

Growth: Inc 5000's Fastest Growing Private Companies, DC Metro List Fastest Growing; Washington Business Journal: Fastest Growing Companies, Top Performing Small Technology Companies in Greater D.C.

Culture: Northern Virginia Technology Council Tech 100 Honoree; Virginia Best Place to Work; Washington Business Journal: Best Places to Work, Corporate Diversity Index Winner - Mid-Size Companies, Companies Owned by People of Color; Department of Labor's HireVets for our work helping veterans transition; SECAF Award of Excellence finalist; Victory Military Friendly Brand; Virginia Values Veterans (V3); Cystic Fibrosis Foundation Corporate Breath Award

Benefits

We offer great benefits - Competitive Paid Time Off, Medical, Dental and Vision Insurance, Identity Theft Protection, Legal Resources Coverage, 401(k) with company matching with NO vesting period. ITC Health benefits have a $0 premium for certain plans for eligible employees.

We invest in our employees - Every employee is eligible for education reimbursement for certifications, degrees, or professional development. Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.

We work hard, we play hard. ITC is committed to incorporating fun into every day. We dedicate funds for activities - virtual and in-person - e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations. In alignment with our commitment to our communities, we also host and attend charity galas/events.
We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.

AAEO & VEVRAA

ITC is an Affirmative Action/Equal Opportunity employer and a VEVRAA (Vietnam Era Veterans' Readjustment Assistance Act) Federal Contractor. As such, any personnel decisions (hire, promotion, job status, etc.) on applicants and/or employees are based on merit, qualifications, competence, and business needs, not on race, color, citizenship status, national origin, ancestry, sexual
