Business Analyst II

Business Analyst II

The Senior Analyst, Insider Threat, position is part of the Cyber Security Cyber Fraud team managing insider threat investigations globally while providing technical expertise to global incident response associates to help manage, identify, remediate, and mitigate cyber security incidents. This role is an individual contributor role working closely with other teams within
*** to properly respond to Cyber Security incidents and to protect
*** from Insider Threat attacks.

Key responsibilities include:

• Support the Met-CIRT Tier II in their daily fraud monitoring, insider threat, and other related activities.
• Review, triage, escalate, and respond to fraud and security events and incidents.
• Maintain awareness of emerging threats, especially those targeting the financial services industry.
• Partner with global working teams, gather the security requirements and recommend security products, services and/or procedures to enhance productivity and effectiveness.
• Partner with other teams and Tier II on user behavior analytics within our Security Information and Event Management.
• Perform Insider threat monitoring, analyzing and escalating to HR, Legal, Compliance, and other key stakeholders.
• Work with other teams within
  *** on privacy incidents escalated to Fraud team.
• Conduct investigations utilizing User Behavioral Analytics (UBA) tools and designated SIEM, internal resources, and conversations/interviews with persons of interest.
• Maintain Runbooks and Standard Operating Procedures (SOPs) for Insider Threat monitoring and Cyber Fraud Monitoring.
• Provide leadership and training to junior analysts.

Essential business experience and technical skills required:

• Bachelor's degree or higher in computer science, information systems or related field, or equivalent work experience.
• 5+ years of combined IT and Cyber Security related work experience.
• Experience analyzing raw log files (i.e. firewall, IDS, PCAP, system logs, web application), performing data correlation, and using SIEM or log management tools.
• Strong understanding of network protocols, TCP/IP fundamentals, and security infrastructure, command line tools, and regex.
• Familiar with eDiscovery tools, processes and procedures.
• Experience with data analytics tools to include PowerBI, User Behavioral Analytic tools, and Security Information and Event Management (SIEM) systems.
• Experience with Fraud, DLP, and insider threat.
• Relevant industry certifications such as CISSP, CCNA-Security, Security+, GIAC, and Six Sigma.

Preferred:

• Strong experience with Splunk or other Data Analytics tools.
• Experience using SIEM or other log management tools.
• Experience with machine learning techniques and big data analysis to implement automation solutions.
• Fraud monitoring experience and ability to interact with employees globally.