Job Details

ID #50059372
State Virginia
City Arlington
Job type Full-time
Salary USD TBD TBD
Source Red Gate Group
Showed 2023-06-08
Date 2023-06-08
Deadline 2023-08-07
Category Et cetera

Insider Threat HUB Analyst (TS/SCI)

Virginia, Arlington, 22201 Arlington USA

Vacancy expired!

The Department of the Navy established the Insider Threat Program in 2018 to prevent, detect, deter, and mitigate the impact of threats to Navy personnel, facilities, information, equipment, networks, and systems posed by individuals entrusted with access to or knowledge of the Navy’s critical assets and key resources. Under the direction of the Deputy Chief of Naval Operations for Information Warfare, the Navy Insider Threat Program is focused on acquiring and maintaining information protection technologies and associated support capabilities that enable the Department of the Navy to detect, analyze, and coordinate the mitigation of insider threats.

Red Gate supports the Navy Insider Threat Program by providing both executive- and basic-level services. Executive-level support includes short-term projects, special studies, strategic analyses, and senior leadership briefings. Basic-level support includes analytical, technical, programmatic, and financial management support; research and data collection; policy support; and other ad hoc tasks and assignments.

The Information Assurance/Hub and User Activity Monitoring (UAM) Analyst provides analytic support in gathering, integrating, assessing, and referring information concerning potential insider threats that informs and enables effective response/mitigation by command, investigative, and other authorities to protect Navy personnel, information, and resources.

Responsibilities

Serve as a member of a government-led Insider Threat Fusion Cell/Analysis Team, with a focus on information assurance, computer network defense, and information security.
Collect and analyze information received from deployed agents on the Insight Anomaly Detection System.
Assist in the development and management of insider threat detection programs.
Perform one or more of the following functions: information assurance, cyber threat analysis, incident response, intrusion detection, network/computer forensics, data loss prevention, enterprise audit analysis, and/or audit/anomaly threat detection.
Conduct information technology audits, incident response, and/or network monitoring at the enterprise level using automated security tools.
Assist in the development and implementation of cyber, information assurance, security, and insider threat collection, analysis, and production tradecraft.
Assist in the integration and analysis of multiple relevant security data sources.
Assist in generating analysis reports and briefing other team members and/or senior management on analytical findings.
Develop insider threat and counter-insider threat tactics, techniques, and procedures, and supporting documentation.
Conduct security audit scans on software and hardware in the performance of assigned duties.
Provide training, as requested, on the use of government audit/anomaly threat detection technology.
Receive automated UAM/audit data and alerts from sensors deployed on the Navy’s classified and unclassified networks, conduct initial analysis, and provide feedback on data collected to detect cyber and insider threats.
Maintain and report weekly, monthly, quarterly, and annually on metrics associated with analytic operations.
Perform analyses of audit data and alerts to identify anomalous/suspicious activity, possible policy or security violations and the individuals responsible, other network or systemic risks presenting an avoidable opportunity for a malicious insider to exploit, and potential insider threats.
Document and forward findings to a government reviewer for further action.
Provide final analysis and assessment results to the government and assist the government in resolving identified discrepancies.
Coordinate with applicable points of contact across the client organization to resolve audit alerts as required by documented standard operating procedures for monitoring, detection, response, and reporting.
Collaborate with government leads to develop dashboards, filters, and audit policy triggers for audit capabilities and assist in refining triggers based on the analysis of evolving anomaly event activities across Navy classified and unclassified networks.
Support government team leads by engaging with other organizational elements to maintain awareness of known Advanced Persistent Threats, the evolution of cybersecurity and insider threat technology and methodology, and other related focus areas that could impact operational mission objectives.
Work with other team members and departments within the client organization to conduct security scans and implement standard technical installation guides and manual test procedures to test and document results pertaining to the security posture of the system.
Evaluate existing system policies, modify policies to achieve program objectives, and/or develop new policies.
Capture, document, develop and deliver lessons learned related to program operations, including technical/programmatic gaps, identifying successes and failures, and recommended solutions.
Assist in the development of business processes and workflows (technical or functional), standard operating procedures, and other program documentation.
Employ current best practices and state-of-the-art cyber, information assurance, security, and insider threat tactics, techniques, and procedures.
Participate in meetings, working groups, system demonstrations, and conferences as needed.
Provide briefings and presentation materials, conference or meeting materials, technical memoranda, and administrative reports.
Work with multiple organizations within the Navy responsible for systems control, integration, testing, security, and maintenance, as well as appropriate privacy and legal authorities and external partners.
Provide weekly status reports to government team leads, including work performed during the week, accomplishments, plan for work to be performed during the upcoming week, identification and discussion of any risks or issues related to assigned tasks, and target delivery dates of associated products.
