CI&I Data Exfiltration Investigator - Tewksbury, MA
About The Position
As a CI&I Data Exfiltration Investigator, you will possess and demonstrate extensive knowledge, training, and experience as it relates to identification and investigation of potential insider threats (InT) within the realm of data exfiltration. You will possess in-depth experience with User Activity Monitoring (UAM), SPLUNK (SIEM) and Endpoint DLP. While your primary focus will be within the data exfiltration arena, you must also possess and demonstrate extensive knowledge of CI principles, have an expert level understanding of potential InT indicators and behaviors, with the ability to rapidly triage and assess multitude of cyber-related behaviors with the objective of distinguishing between actual threats and false positives. Conduct other investigations as necessary, may be required to assist CI&I Investigations Team.
Requirements
- Experience with User Activity Monitoring (UAM), SPLUNK (SIEM) and Endpoint DLP, or similar tools that are utilized in Insider Threat (InT) identification and mitigation.
- Experience with identifying, collecting and analyzing data/metrics for leadership.
- Experience with computer operating systems, computer networking and computer vulnerabilities.
- Experience with Microsoft Office and O365.
- Typically requires: A University Degree or equivalent experience and minimum 8 years prior relevant experience, or An Advanced Degree in a related field and minimum 5 years experience
Nice To Haves
- Certification by a federal credentialing counterintelligence or investigative agency.
- Prior Law Enforcement Experience.
- Hands-on experience with investigations involving CI, SCI, SAP, and/or ITAR/EAR violations.
- Familiarity with DoD Manual 5205.07 Volumes 1 thru 4.
- Familiarity with DoD 5200.01 Volumes 1 thru 3, and incident reporting process in accordance with DoD 5200.01 volume 3.
- 32 CFR Part 117 National Industrial Security Program Operating Manual
- Familiarity with Computer Forensics methodologies and techniques.
Responsibilities
- Operate independently providing expert-level data exfil investigative capabilities that include, but not limited to:
- ndependently plan and conduct Data Exfiltration investigations that result in sound outcomes/determinations, capable of withstanding judicial/administrative scrutiny into noncompliance with Customer regulatory requirements, Company policies and procedures, and violations of the law.
- Write detailed, highly professional reports summarizing investigative steps/actions.
- Conduct a wide range of employee interviews, to include challenging subject interviews of those suspected of wrongdoing.
- Ensure all relevant case artifacts (unless prohibited) are securely stored in the Resolver Case Management System.
- Closely collaborate with other CI&I members, GSS colleagues, and cross-functional partners.
- Collaborate with and provide timely feedback to our partners in Enterprise Services (ES) as it relates to the refinement of tools and processes used in identifying potential indicators of concern.
- For matters involving culpability of cleared employees, ensure cognizant FSOs are provided with necessary investigative details for required adverse information reporting obligations.
Benefits
- medical
- dental
- vision
- life insurance
- short-term disability
- long-term disability
- 401(k) match
- flexible spending accounts
- flexible work schedules
- employee assistance program
- Employee Scholar Program
- parental leave
- paid time off
- holidays
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
