Insider Threat Analyst III

Overview

Abacus Technology is seeking an Insider Threat Analyst to provide technical support for the AFCENT Network Operations and Security Center (NOSC) at Lackland AFB. This is a full-time position.

Responsibilities

• Work with the AFCENT Insider Threat working group to establish a mature Insider Threat management capability, capable of detecting and reporting Insider Threats to relevant parties including (but not limited to) Commanders, Law Enforcement, Mental Health, Cybersecurity, Counter-Intelligence, Security, Civilian and Military personnel management, and Legal.
• Support the AFCENT Insider Threat office and Office of Special Investigations (OSI) in their execution of the Command Insider Threat program.
• Conduct Insider Threat Operations by leveraging available host, network, intelligence, and dynamic data acquisition technologies in order to identify, characterize, and counter Insider Threats.
• Employ User Activity Monitoring (UAM) capabilities to detect anomalous insider activity.
• Conduct auditing and data collection in support of Insider Threat cases and investigations.
• Provide on-site support and on-call response to operate, maintain, and audit UAM tools for all network locations provided by the Authorizing Official (AO).
• Perform analysis of findings developed by OSI and supporting organizations during insider threat operations.
• Develop metrics and trends to identify internal cyber threat actors attempting to commit espionage or attempting to compromise IS located at all network locations under the AOs responsibility.
• Conduct tuning of UAM tools IAW DoD, OSD, and Air Force guidance.
• Work with Cybersecurity Engineering personnel to O&M of UAM tools.
• Provide relevant data and briefing support to the Command Insider Threat office.
• Participate and provide support to the AFCENT Insider Threat working group.
• Work with the AFCENT Insider Threat Working Group to identify thresholds and create Insider Threat triggers.

Qualifications

5+ years experience in security. Bachelor's degree in a related field. Additional years of experience may be substituted for degree requirements. Must hold the ITIL v3 or v4 Foundations certification or be able to obtain the certification within 60 days of hire. Must be detail oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality. Strong analytical and communication skills. Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team. Must be able to provide support in a 24/7/365 environment including occasionally covering shifts outside of the assigned shift and/or providing after hours, weekend, or holiday support as needed on a rotational basis. Must be able to travel to CONUS sites to provide TDY support. Must be a US citizen and hold a current Secret clearance.

Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

EOE/M/F/Vet/Disabled