Tays - Baltimore, MD

posted 14 days ago

Full-time - Mid Level
Remote - Baltimore, MD
Professional, Scientific, and Technical Services

About the position

The User Activity Monitoring Analyst at TAYS is responsible for monitoring and analyzing user activity to identify potential insider threats. This role requires expertise in Forcepoint, User Access Monitoring (UAM), and Data Loss Prevention (DLP). The analyst will conduct data triage, investigate anomalies, ensure compliance with security policies, and collaborate with the Security Operations Center to resolve incidents. The position is fully remote and requires strong analytical and communication skills.

Responsibilities

  • Conduct data triage of anomalous events collected by approved User Access Monitoring (UAM), Data Loss Prevention (DLP) and other client network and endpoint monitoring tools.
  • Monitor all types of network activity using UAM and User Behavior Analytics (UBA) tools to identify and report on viable response options.
  • Provide initial discovery and analysis of UAM alerts applying intelligence community analytic standards and critical thinking.
  • Notify designated personnel if a potential insider anomaly is detected and draft comprehensive analytical reports.
  • Process Insider Threat UAM alerts and preserve activity logs for future investigational viability.
  • Perform after action reviews of past system alerts to determine scope, urgency, and potential impact.
  • Collaborate with the agency Security Operations Center defense technicians to resolve insider threat incidents.

Requirements

  • Bachelor's degree in a technical field or relevant work experience
  • 5+ years of relevant work experience
  • 2+ years of experience with Forcepoint
  • Experience with UAM, DLP and SIEM software
  • Ability to obtain and maintain a Public Trust clearance

Nice-to-haves

  • Active Public Trust clearance
  • Prior SOC experience
  • Ability to obtain certifications in Forcepoint policy writing
  • Extensive scripting experience
  • Network Analysis
  • Microsoft Desktop Administrator or equivalent certifications
  • CompTIA Security+ CE
  • CompTIA CySA+
  • CCNA Security
  • GICSP Certification
  • GSEC Certification
  • CND Certification
  • SSCP Certification

Benefits

  • Health, Dental, Vision insurance
  • 401k
  • 15 days of PTO to start
  • 11 federal holidays
  • 2 floating holidays
  • Tuition/Certification Reimbursement
  • LinkedIn Learning access
  • Quarterly team events for bonding or community service