Insider Threat Intelligence Analyst

Northern Trust•Chicago, IL

13d

About The Position

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. Northern Trust is seeking an experienced Insider Threat Intelligence/Counter-Intelligence Analyst to join our Security Operations team. In this role, you will lead our insider-threat intelligence operations to proactively collect intelligence on nation-state insider threat activities and drive operations to identify potential insider threat activities to Northern Trust. The ideal candidate will have a deep understanding of nation-state espionage and cyber espionage activities and will be responsible for leading insider threat investigations.

Requirements

5+ years of experience in cybersecurity or the US Intelligence Community, preferably in Foreign Intelligence Operations, Human Intelligence (HUMINT), Cyber Espionage, and Counter-intelligence operations.
Initiate and carry insider threat investigations end-to-end.
Strong understanding of Nation-state Insider threat activities, their TTP’s, plans, intentions, and motivations.
Understanding of Nation-State Offensive Cyber Operations
Understanding of Supply-Chain risks, particularly vendors and technology attributed to nation-state intelligence activities.
Ability to drive new and complex insider intelligence projects to completion.
Communicates and presents findings to various stakeholders and consumers, to include Senior executives.

Nice To Haves

Completed and certified in an US Military or US government Source Operations Course
Experience as a Counter-Intelligence Agent or Counter-Intelligence Referent
Completed certifications from the Joint Counter-Intelligence Training Academy (JCITA)
Understanding of HUMINT Technical Operations (HUMINT Tech Ops)

Responsibilities

Identify Priority Intelligence Requirements (PIR’s) for state-sponsored espionage and insider threat activities.
Collects, analyzes, and processes intelligence reporting on state-sponsored intelligence operations targeting the US and Global Financial Sector.
Lead development of the Insider Monitoring program.
Collaborate across organizations, to include with Insider Hunting, Cyber Threat Hunting, and Insider Risk teams.
Engage with government partners and intelligence-sharing organizations.
Support Insider Hunt and Threat hunt operations to identify potential Insider Threat techniques, tactics, and procedures (TTP’s)
Support Purple Team operations to emulate nation-state insider threat TTP’s
Support Detection Engineering to tune security controls and detections for Insider Threat activity.
Supporting technical investigations and collaborates with the Insider Hunt team to identify malicious/risky behaviors to be escalated.

Benefits

Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits.
Northern Trust also provides a discretionary bonus program that may include an equity component.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume