Sr User & Entity Behavior Analytics (UEBA) Analyst - Santa Ana, California | CareerCircle
Sr User & Entity Behavior Analytics (UEBA) Analyst

TEKsystems

02/21/2022

Posting ID: JP-002660117

Santa Ana, California
Full Time

Description:

The User & Entity Behavior Analytics (UEBA) Analyst is a cybersecurity professional with experience identifying threats, vulnerabilities and exploitations, processing, analyzing and operationalizing cybersecurity intelligence, as well as other threat indicators in order to enhance detection and prevention of insider threats within the client's environment. In addition to this technical proficiency, the UEBA Analyst demonstrates excellent communication skills to include the ability to explain technical data relevance succinctly to the IAM Manager and Director, as well as other leadership team members.

Job Description

- The Sr UEBA Analyst will play a key role in developing and utilizing the risk-based scoring capability

- Collaborate with UEBA vendor support and cybersecurity engineers to best configure UEBA tools based on access and behavior

- Support Global Insider Threat Program (GITP) analytics, Identity & Access Management standards, and interpretive cybersecurity intelligence efforts in order to identify, monitor, or remediate privileged access exposure and the Tactics, Techniques, and Procedures used by potential or actual insider threats

- Utilize tools and processes to share intelligence information and support GITP investigations by collaborating with other information security teams

- Provide actionable insights, guidance, and subject matter expertise to the GITP UEBA Leadership

- Utilize cybersecurity intelligence to improve hunt and lead generation efforts through threat modeling

- Participate in proactive hunting exercises and searching for known indicators of malicious activity

- Coordinate with Data Loss Prevention, security operations, and incident response staff to tune and improve detection capabilities or to aid in investigations or respond to incidents

- Continue to enhance and tune the UEBA program to strengthen privileged access management under the information security program

- Create technical documentation and manage the document lifecycle to support IAM Center of Excellence development and management

- Resolve provisioning/de-provisioning problems to obtain proper operations across all platforms

- Provide excellent customer service to all areas of the company; provide department interface with various teams within the client in support of information security initiatives. Maintain strict confidentiality in all matters dealing with information security.

- Required to perform duties outside of normal work hours based on business needs

Job Complexities & Impact

- Works on problems of moderate scope where analysis of situations or data is required

- Exercises judgment within defined policies, standards, and procedures to determine appropriate action

- Follows department processes and standards and may make recommendations to modify and/or streamline to drive maturity

- For any given problem scope takes the initiative to drive towards a solution and works to achieve set objectives

Supervision Received or Extended

- No responsibility for the supervision of others. Works under the general supervision of managers and senior leadership.

- Actively contributes to driving results for the IAM team and works towards achieving team goals and objectives. Uses subject matter expertise and collaborates with team members to drive successful outcomes.

- Willing to become a mentor to less experienced team members to achieve a greater outcome as a team and mutual growth

Skills:

IAM, Analysis & Problem Solving, Cloud Platforms, written and verbal skills

Additional Skills & Qualifications:

- Bachelor’s Degree or higher, preferably in an Information Technology, Information Security, or Computer Science related field, or any combination of equivalent education, experience, and formal training that allows you to meet the requirements of this job.

- Knowledge of the below industry expertise is preferred but not required:

  - An understanding of the intelligence cycle

  - SANS SEC460: Threat and Vulnerability Assessment

  - SANS SEC487: Open-Source Intelligence Gathering and Analysis

  - SANS FOR578: Cyber Threat Intelligence

  - Or any other Insider Threat related certification

- Additional UEBA-related industry certifications preferred but not required

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Contact Information

Recruiter: Jean Chambers

Phone: (410) 579-3072

Email: jchambers@careercircle.com
