Falls Church, VA, 22040, USA
4 days ago
Insider Risk Analyst
Location: Falls Church, VA, US
Job ID: ATR 17636

Job Description
Job Title: Insider Risk Analyst
Job Location: Falls Church, VA (Morrisville, NC and Eagan, MN also available)

In this role, a typical day will include:
- Lead or support insider risk investigations, including evidence preservation and forensic analysis.
- Leverage AI/ML to quickly assess potential threats and enable proactive, informed decisions, including blocking suspicious activities like unauthorized data transfers or flagging risky user behavior.
- Ability to utilize AI/ML and identify, assess, and mitigate potential security threats posed by individuals, leverage AI-driven solutions to analyze data, pinpoint risky behaviors, and generate actionable insights and recommendations for program resilience and mitigation strategies.
- Facilitate and support the coordination and response to active insider threats, collaborating with counterintelligence, threat intelligence, and law enforcement teams.
- Correlate behavioral, contextual, and technical indicators to identify and assess potential insider threat incidents.
- Support investigations by collecting and analyzing digital evidence, documenting findings, and escalating matters to the appropriate parties.
- Monitor user activity data and alerts to identify potential indicators of insider threats. Analyze system logs, network traffic, and endpoint alerts for suspicious activity.
- Correlate data from multiple sources (including user and entity behavior analytics (UEBA), data loss prevention (DLP), security information and event management (SIEM) tools, and endpoint detection and response (EDR) solutions) to detect anomalies and patterns indicative of insider threats.
- Develop and implement detection methods and strategies, including risk scoring and threat analysis tools, and refine alerts based on triage results, understanding of insider threats, and current events.
- Work closely with internal teams such as CISO Operations, Legal, Human Resources, and Counterintelligence, as well as external partners, to address and resolve insider risk incidents.

WHAT YOU’LL NEED TO SUCCEED:

Education:
- Bachelor's Degree in Computer Science or related technical discipline, preferred but not required.
- NOTE: If resources do not have a relevant college degree, an additional 4 years of relevant work experience is required.

Required Experience:
- 3-5+ years of experience in analyzing technical and non-technical indicators related to insider activity, including user behavior, network activity, system logs, and data access patterns.
- Knowledge of AI/ML concepts, algorithms, and applications in insider threat detection, including supervised and unsupervised learning, deep learning, and anomaly detection.
- Proficiency in cybersecurity concepts, network protocols, operating systems, encryption, authentication mechanisms, and security tools like SIEM, UEBA, and DLP solutions.
- Utilize AI-powered platforms like User and Entity Behavior Analytics (UEBA) to identify anomalous activities and patterns indicative of insider threats.
- Cultivate and heighten AI/ML models to refine detection capabilities by leading the creation and tuning of rules, alerts, and risk scoring models to enhance efficiency and accuracy.
- Familiarity with insider threat regulations, information security reports, and relevant legal and privacy regulations.
- Experience conducting internal investigations, collecting digital evidence while maintaining chain of custody, and understanding forensic analysis tools.
- Strong ability to analyze complex data, identify patterns and trends, apply critical thinking and logic to evaluate evidence, and use quantitative and qualitative methods to assess risk.
- Strong analytical skills to interpret large volumes of data and correlate disparate security signals.
- Knowledge of incident response processes and digital forensics fundamentals related to insider threat scenarios.
- Strong communication skills for cross-team coordination, reporting, and documenting of findings.
- Ethical judgment and discretion, especially when handling sensitive personnel and organizational data.

Security Clearance Level:
- Ability to obtain and maintain a Public Trust clearance and successfully pass a thorough Government background screening process requiring the completion of detailed forms and fingerprinting
- This position has a U.S. residency requirement. The security clearance process requires the selected candidate to have resided in the U.S. (including U.S. Territories) for the last five years as follows: U.S. Citizens cannot have left the U.S. (including U.S. Territories) for longer than 6 months consecutively in the last 3 years (unless they meet certain exceptions). Non-U.S. Citizens cannot have left the U.S. (including U.S. Territories) for longer than 90 days consecutively in the last 3 years.

[ Arena Technical Resources, LLC, (ATR) is an Equal Opportunity Employer (EOE) who will provide equal employment opportunity to employees and applicants for employment without regard to race, ethnicity, religion, color, sex, pregnancy, national origin, age, veteran status, ancestry, sexual orientation, gender identity or expression, marital status, family structure, genetic information, or mental or physical disability.
]