Senior Cyber Security Analyst 21-0260 at Relativity
- Applies innovative solutions to address insider threat risk through automated analytics and security awareness training.
- Triages data of anomalous events collected by user behavior analytics (UBA), user activity monitoring (UAM), DLP, SIEM technologies and other tools to decipher underlying trends or uncover anomalies and discern obscure patterns and attributes of potential insider threat activities.
- Performs root cause analysis to identify and incorporate opportunities for continuous process improvement of Relativity’s security awareness culture and insider threat risk mitigation efforts.
- Automates reporting of insider threat investigations and security awareness metrics to senior Relativity leadership and acts as subject matter expert (SME) spokesperson for all technical aspects of insider risk research and analysis.
- Enhances the security awareness culture by leading all aspects of Relativity’s automated security awareness training such as monthly phishing for HVT, new hires and for all Relativians in a manner that aligns with the evolving threat landscape.
- Develops insider threat workflows and rules by working in conjunction with the other teams, utilizing Relativity’s next generation artificial intelligence tool - Trace.
- Builds and accelerates the development of intent-based access control assessments (IBAC) utilizing Trace with a focus to mitigate insider threat risk and any issues that could compromise Relativity’s data integrity or security.
- Must demonstrate knowledge of tactics, techniques and procedures associated with malicious insider threat activity.
- Analytical thinker with the ability to leverage data analysis to solve problems.
- Interpersonal skills to provide superior service and build strong partnerships with other Security Leaders, People Teams, Functional Leaders (HR, Legal, Operations, IT).
- Outstanding work ethic with a passion for Cyber Security.
- Certifications: One of more of the following certifications are preferred (GCFA, GCIA, GCIA, GCIH, GCFA, GNFA, GREM, OSCP, or CEH)
- Strong cyber incident response skills
- Strong Splunk signature development skills
- Deep understanding of human centric risk
- Understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls.