Information Security - Insider Threat Analyst
If you are a current Motorola Solutions employee, please click this link to apply through your Workday account.Company Overview
Motorola Solutions is there for our customers when everything is on the line. In extreme moments — when a hurricane lands or when a fire breaks out. And in everyday moments — when a package arrives just in time for the holiday or when a child doesn’t miss the school bus home.
We unify voice, data, video and analytics in one integrated ecosystem to enable individuals, businesses and communities to work together in more powerful ways. To help people make better decisions, act confidently and be their best in the moments that matter. Bring your passion, potential and talents to Motorola Solutions and connect with a career that matters.
Department OverviewOur IT organization isn’t just here to support our business. We’re here to reinvent it – by changing the way our customers, partners and employees interact with our company. To do that, we’re looking for people who bring great ideas and who make our partners’ ideas better. Intellectually curious advisors (not order takers) who focus on outcomes to creatively solve business problems. People who not only embrace change, but who accelerate it.
Job Description
MSI has a global and dynamic environment; threats to its information systems can come from many sources, both external and internal to the organization. MSI’s Internal Response team focuses on using out of the box thinking and machine learning to detect abnormal data security issues caused by inadvertent or intentional actions of personnel (employees, contractors, and partners). This role offers someone with an inquisitive mind the opportunity to sort out patterns from the noise and then rigorously investigate the findings. Ultimately, the insider threat analyst will contribute to a world class program to help keep MSI’s data secure so MSI can facilitate critical communications and help customers around the world be their best in the moments that matter.
MSI values collaboration, transparency, diversity, and continual innovation. Professional development is encouraged and supported. We are creating a team with a wide variety of skills, from technical expertise to investigative tenacity and interpersonal insight. Our team is made up of individuals who want to grow, try new ideas, and most of all, stop adversaries from harming our organization.
Summary:
Identify, investigate, and mitigate insider threats and external threats within MSI and produce Threat Reports (investigative leads) that document issues on computer misuse and various violations of policies; access and integrate information from MSI’s network monitoring tools and other data analytics tools/sources; and apply advanced technical, behavioral, and investigative solutions to ensure that MSI data remains secure.
Perform forensic analysis of digital information, gather and handle evidence using industry best practices.
Prepare case evidence and incident reports.
Work on special projects, as assigned.
May provide guidance and work leadership to less-experienced technical staff members.
Define behavioral analytic use cases to identify abnormal activity for investigation by Incident Response teams.
Document and adhere to a consistent detection mythology to ensure a defensible and consistent approach to identifying abnormal activity.
Coordinate with legal, privacy, and human resource partners on the intention and scope of the Insider Threat Program
Collaborate with Information Security teams on the development and operational use of Behavior Analytics platform (UBA).
Support automation efforts to streamline detection and response actions for incidents.
Help define operational metrics to define and measure the operational state of the Insider Threat program
Develop reports and metrics for leadership across Legal, Human Resources, and Office of Ethics and Compliance
Ability to analyze and understand technical information; author clear and concise reports and presentations
Skills and attributes for success:
Self-driven, creative, and can operate independently and improve the team as a whole
Security and investigative mindset
Continuously learning and identifying ways to advance MSI’s Internal Response team
Strong written and verbal communications, attention to detail, interpersonal and networking skills
Strong collaborative skills and proven ability to work with a diverse team of security professionals
Knowledge of Insider Threat Behavioral Models
Big-data platform implementation
Requirements:
Must be a U.S. citizen
Experience conveying complex information in simple, succinct explanations
Exceptional attention to detail
Comfort with ambiguity, and a self-starter capable of working cross-functionally with engineering, policy, legal, and other teams
Ability to work in a fast-paced, operational environment, including non-standard work hours in response to Information Security incidents
Excellent written communication skills and the proven ability to understand and present nuanced, complex technical information and metrics to both technical and nontechnical audiences
Desired:
Experience analyzing internal abuse, internal fraud, data loss prevention, or counterintelligence matters
Knowledge and experience using SIEM, User Behavioral Analytics, or Data Loss Prevention (DLP) products to execute complex search queries and generate reports
Experience conveying complex information in simple, succinct explanations
Forensics investigations and methodologies
Proficiency scripting in Python
One or more years working in Incident Response
Familiarity with GDPR and data privacy policies
Big-data platform implementation
Incident response/Security Operations Center background
Basic understanding of scripting languages
Basic Requirements
Bachelor’s Degree in Information Security or related degree
4+ years of experience in insider threat detection, audit, analysis, or investigative systems and procedures.
Able to obtain a Secret security clearance
Vaccine Requirement
Motorola Solutions is a U.S. Federal contractor and must comply with the recent U.S. Government Executive Order requiring that Federal contractors ensure that their U.S. employees are fully vaccinated against COVID-19 by January 4, 2022. Accordingly, Motorola Solutions requires all US employees, even those working from home, to be fully vaccinated unless entitled to a reasonable accommodation based on a qualified medical condition or religious belief.
If you are unable to be fully vaccinated due to a qualified medical condition or religious belief, you will be required to apply for a reasonable accommodation prior to moving forward with the recruitment process. As a part of this process you will be required to provide information or documentation about the reason you cannot be vaccinated. If your request for an accommodation is not approved, an offer for employment will not be made.
Travel RequirementsNone
Relocation ProvidedNone
Position TypeExperienced
Referral Payment PlanYes
Our U.S. Benefits include:
- Incentive Bonus Plans
- Medical, Dental, Vision benefits effective Day 1
- 401K with Company Match and Day 1 vesting
- 9 Paid Holidays
- Generous Paid Time Off Packages
- Employee Stock Purchase Plan
- Paid Parental & Family Leave
- and more!
EEO Statement
Motorola Solutions is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran's status, or, any other protected characteristic.