|Published||September 17, 2022|
Insider Threat Specialists
EOE Statement We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Insider Threat Specialists: Planning/Design/Implementation- Lead and collaborate on design and development of USPS CISO Insider Threat Program from conception through implementation.- The candidates will be a program management expert (not an intel analyst) within the Cyber Insider Threat arena with understanding of how to plan, identify stakeholders, develop a program and team.- The Candidates will hold strong skills in project management, communication, collaboration, and strategy development and written business case and proposal development. Lean management & RMM a plus.- Candidate will provide input to, facilitate and coordinate the roadmap and standup of the Insider Threat Program for USPS through (but not limited to) the following activities:#1 - Develop and Submit Insider Threat DAR: Sections include Business Case, Justification, ROI, etc.#2 - Develop Program; Identify and Engage Stakeholders and identify RACI (board Members; Legal, CIO, HR, Audit Teams, Unions/Labor, Communications, USPIS, etc.), Plan and document, Assemble the team, Train the team, Develop and incorporate Governance and Oversight; Develop Communications plan; Launce program; Audit the program#3 - Confirm/Develop Policies: Review policies for Insider Threat including Internal and External requirements, accountability and enforcement guidelines, BYOD rules, Social Media, Web Surfing, transfer of work materials, Remote access, Passwords, and Privileged Access, termination policies, etc.; Develop policies for Insider Threat Team/Analysts#4 - Develop Process: Training and Awareness; Develop process for Insider Threat Team including which types of alerts to evaluate (what is a credible threat?) , reporting, response and remediation steps#5 - Assess/Implement Technology: Review existing technology capabilities and limitations; Develop Baseline of normal Network Device Behaviors; Implement User Behavior Analytics tool#6 - Assess/Integrate Risk Management: Conduct a Risk assessment including trade secrets, salary data, proposal data, proprietary data, sponsor or Government National Security data, strategic plans, Personally Identifiable Information (PII), and your IT systems and servers, etc.; Identify Critical Assets and ensure plan is in place for each; Integrate Insider Threat into Enterprise Risk Assessments#7 - Perform Audit and Monitoring: Ensure access and logging to all identified Critical Assets; Monitor and Respond to Suspicious or Disruptive Behavior; Proactively identify and support management of Negative Environmental issues; Monitor User Activity and Implement User Behavior Analytics activities
CSOC has a need to staff Two (2) Resources in the CISO Insider Threat function within its area. While USPS CISO CSOC has multiple Insider Threat capabilities, it requires development of a formal program. The resources will develop the program from start to finish.EXPERIENCE LEVEL:Bachelors degree in an engineering/cyber discipline with at least 10+ years of professional experience; or equivalent experience/combined education; or 7 years of professional experience with a related Masters degree. PLUS2 years of leadership experience with planning and managing security engagements.EDUCATION:Bachelors and ten (10) years or more experience; or Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experienceCERTIFICATIONS: (One or more required)-CompTIA Net+-CompTIA A+-CompTIA Security +-CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker-CISSP, CISSP-ISSEP, CISSP-ISSAP, CISSP-ISSMP preferred-CISA - Certified Information Systems Auditor
Benefits We offer a comprehensive benefit package that includes 3 weeks paid time off, 2 weeks Holiday pay, medical/dental coverage, STD, LTD, Life Insurance, AD&D, 401k with up to 4% match, and end of year profit sharing paid out in 401k.
Number of Openings 2
Req Number INF-18-00006
Location Raleigh, North Carolina
This position is currently accepting applications.