Insider Risk Engineer - Cyber

Software Resources has an immediate, direct hire job opportunity for an Insider Risk Engineer - Cyber with a major corporation in Phoenix, AZ.

4 days per week on-site, Friday Remote.
Must Haves:

• Insider risk experience
• User Entity Behavior Analytics (UEBA)
• Must be able to integrate API with the tool and build the API
• Cyber Security experience and development expertise.
• C# .net, Python, API Development
• CISSP CISM Desired but not required
• No front End
• More API Backend candidate.
• UEBA Tools:
  • Gurucul
  • Securonix
  • Exabeam
  • Teramind
  • Splunk UBA
  • Microsoft Sentinel
  • Rapid7
  • LogRhythm
  • OpenUBA
  • Graylog
  • Wazuh
  • Apache Metron
  • HELK
  • Apache Spot
  • CrowdStrike Falcon
  • Palo Alto Cortex
  • ActivTrak
  • XSOAR
  • SIEM
  • SEIM
  • XSIAM

As a Insider Risk Engineer - Cyber you'll work both independently and as part of a cohesive team to manage and provide ownership of innovative threat detection, security audit, and logging solutions. You'll take the lead to communicate, collaborate and justify cyber recommendations to a broad base of stakeholders throughout the IT, Cyber and Audit department. Our Insider Risk Program is a strategic initiative within the Security Risk & Compliance function, supporting the bank's growth into a Large Financial Institution. It focuses on identifying, preventing, and mitigating risks to the bank and its customers that may arise from inadvertent or intentional actions by employees, contractors, or third parties.

As the Insider Risk Engineer, you'll be a key member of a multidisciplinary team that partners closely with Data Security, the Security Monitoring Center, Privacy, Legal, and HR, among others. You'll manage the full stack (front end and back end) of applications utilized to help prevent, detect and respond to insider risk events of interest. You'll own the review and development of new processes and technologies to enhance the program's ongoing maturity. Additionally, you'll lead the continuous review and improvement of the defense, auditing, access standards, tactics, and techniques to meet regulatory guidelines as well as owning the resiliency of insider risk applications and platforms via routine disaster recovery exercises. You'll partner with vendors routinely to optimize insider risk products, as well as ensure costs/licenses do not exceed expectations, while maintaining capacity planning to ensure quality and value delivery of insider risk program objectives.

• Proactively identify and fix issues to improve backend service scalability, resiliency, and fault tolerance. Respond to insider risk events of interest in a timely manner alongside team members and key stakeholders. Respond to audit inquiries and ensure processes and procedures are within regulatory guidelines.
• Foster the highest level of engineering practices and follow relevant company procedures, in addition to being held accountable for relevant documentation.
• Design and implement advanced detection logic to surface subtle behavioral anomalies indicative of insider risk across diverse data sources.
• Continuously refine and tune Insider Risk policies to reduce false positives and improve signal-to-noise ratio in alerting workflows.
• Engineer scalable data pipelines to ingest, normalize, and correlate identity, access, and activity data for risk modeling.
• Collaborate with security monitoring, threat intelligence and modeling teams to incorporate contextual enrichment and behavioral baselines into Insider Risk analytics.
• Prototype and evaluate emerging technologies (e.g., ML models, graph analytics) to enhance Insider Risk detection capabilities.
• Revisit Insider Risk tooling architecture design routinely with vendor and peers to either or all: minimize cost, optimize performance, scale, and meet new requirements.

What You'll Need:

• 6 years of related experience in IT--Security, IT--App Support, IT--Development or similar field.
• Bachelor's degree in related field required.
• Previous leadership experience preferred.
• Advanced knowledge of general Financial Services or Banking is preferred.
• Advanced to expert experience with and knowledge of Linux, Python, PowerShell, SIEM and Bash. Solid understanding of authentication protocols SAML, SSO, and LDAP. Solid understanding of concepts regarding SIEM, SOAR, Firewall, Proxies, SSL/TLS, Secure Mail Gateways, Application Firewalls, NAC, Vulnerability Scanners, and EDR.
• Advanced experience with logging infrastructure concepts: syslog; log parsing; log de-duping; methods for log pulling; RFC 5424; CEF Format; JSON; key value pair format; log enrichment; log maintenance; log troubleshooting.
• Solid understanding of load balancers, DNS, SMTP, etc. for troubleshooting application functionality.
• Advanced experience of NIST, MITRE and Administration of either or all of an IT Automation platform, SOAR, Firewall, IAM platform, SIEM, cloud cyber defense platform etc.
• Hands-on experience deploying and operating a User & Entity Behavioral Analytics (UEBA) platform in a mid-large sized corporation, preferably in Financial Services.
• Expertise building Application Program Interfaces (APIs) from source systems of record to bring technical and non-technical indicators into the UEBA.
• Intermediate - Advanced ability to query and extract data from security monitoring systems (e.g., SIEM, EDR, NDR, etc.) for performing Insider Risk analysis.
• Experience correlating UEBA signals with identity, access, and data movement logs to detect anomalous behavior.
• Familiarity with government and industry best practice frameworks for managing Insider Risk (e.g., Carnegie Mellon, SIFMA, MITRE, NIST, etc.).
• Ability to translate behavioral indicators into risk scoring models and escalation thresholds.
• Experience working cross-functionally with Legal, HR, and Compliance teams to investigate and respond to Insider Risk cases.
• Advanced speaking and writing communication skills.

Benefits you'll love:
We offer all the important things you'd want like competitive salaries, an ownership stake in the company, medical and dental insurance, time off, a great 401k matching program, tuition assistance program, an employee volunteer program, and a wellness program. In addition, you'll have the opportunity to bolster your business knowledge, learning the ins and outs of how successful companies operate and manage their finances, giving you invaluable hands-on experience to help grow your career!

If this position fits interests you, we encourage you to apply.