Insider Threat Consultant
- Employer: Northern Trust
- Location: Pune, India
- Salary: Competitive
- Closing date: Oct 5, 2024
- Job Function: Accounting/Audit/Tax
- Industry Sector: Finance - General
- Employment Type: Full Time
- Education: Bachelors
About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
Summary
Reporting into the Head of Insider Threat Risk Management, the Insider Threat Risk Lead will play an essential role in maturing Northern Trust's ability to prevent, detect, and remediate insider threat activity. The Lead will conduct technical analysis of security event data and investigations into violations of company policy utilizing a broad suite of security operations tools. The Lead will utilize technical expertise to identify risks and trends, while supporting program stakeholders and business representatives in enhancing security controls.
The key responsibilities of the role include:
• Develop detection rules aimed at detecting or preventing insider threat activities, within security tools such as Security Information & Event Management (SIEM), User Entity & Behavior Analytics (UEBA), Data Loss Prevention (DLP), and cloud security technologies
• Lead investigations into violations of Northern Trust's Acceptable Use Policy and ensure all investigations comply with corporate policies and applicable regulatory frameworks
• Utilize technical skillset to conduct incident response and investigations (e.g., digital forensics, OSINT, data analysis)
• Develop and present meaningful metrics to identify trends and measure control effectiveness
• Conduct risk assessments and controls validation testing to identify opportunities to strengthen control environment
• Lead formal interviews pertaining to sensitive investigations
• Establish and manage close relationships with program stakeholders and business representatives
Knowledge and Skills
• Hands-on experience performing monitoring, tuning, and/or writing detection rules in tools such as Security Information & Event Management (SIEM), User Entity & Behavior Analytics (UEBA), Data Loss Prevention (DLP), and cloud security technologies
• Experience performing digital forensics, incident response, OSINT, data analysis, and/or threat hunting
• Familiarity with script/query languages such as KQL, PowerShell, and/or Python
• Experience conducting risk assessments and/or controls validation testing
• Project or program management experience
• Formal investigative interviewing and/or report writing experience
• Familiarity with cybersecurity frameworks (e.g. NIST) and data privacy concepts
• Strong understanding of computer operating systems, networking protocols, and IT infrastructure/cloud technologies
• Demonstrated ability to work well in both an individual contributor and team capacity, in particular with multi-national teams
Experience
• Any combination of equivalent education, experience, or training that allows you to meet the qualifications of this job
• A minimum of 9 to 12 years of professional experience performing in-depth security operations analysis of insider or external cyber threat activity, data loss, or related investigations
• Technical or investigative certifications such as EnCE, GCFE, CISSP, GCIH, or CRISC are a plus
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.