Experience Inc. Jobs

Job Title: Insider Risk Engineer Location: CityScape What you'll do: Western Alliance Bank's (WAB) Business Information Security Office is responsible for analyzing and conducting assessments of insider related risks and vulnerabilities identified by the WAB Insider Risk Program, including policy violations, system alerts, and other reported threats to the confidentiality, integrity, and availability of information assets. The role will coordinate investigations involving a variety of highly technical and/or business functional stakeholders across the WAB enterprise. This is key to ensuring the proactive management of insider-related risk services in compliance with Western Alliance Bank policies, standards, and frameworks. This individual will work as part of a matrixed team of cybersecurity professionals in a structure designed to help them succeed in delivering best-in-class security to this stakeholder group. Facilitate/conduct investigations by analyzing and verifying information through various investigative techniques, internal resources, forensics, and Insider Risk tools such as Data Loss Prevention, Endpoint Detection and Response, Network Traffic Analysis & Deceptive Technology to detect malicious lateral movement & privilege escalation in On-prem and Cloud environment. Identify the technical requirements for accessing data for insider risk analysis. Provide actionable Insider risk analysis for remediation on all escalations. Facilitate Triage of potential Insider Risk events with cross-functional partners. Collaborate with internal teams to drive Insider Risk program continuous improvement. Assess and make recommendations for improvement and refinement of use cases, software tools, and other risk reduction methods used to improve the Insider Risk Program. Create analytical and data visualization tools to automate the analysis of large dataset and correlate with other sources and apply advanced analytics to identify insider anomalies. Develop insider risk indicators that fuse data from multiple sources. Design, Build, and Maintain operational data store for insider risk and security program data in secure manner and according to industry best practices and regulatory requirements. Develop and implement software and data applications in both our existing stack (SQL Server on Azure VM, Python on Azure Linux VM) and coding for our planned future state (Azure SQL, Azure Linux VM, Master Data Management, etc.). Stay current with the latest cyber threats, attacks, and vulnerabilities, and updated with evolving and emerging attack techniques and methods. Maintain and update related insider risk documentations such as IT Standards and Standard Operation Procedures and carry out activities specified in these artifacts. Participate in various cybersecurity exercises such as cyber tabletop and BCP. What you'll need: Bachelor's degree from a four-year college or university and ten (10) or more years of related experience and/or training;or a combination of experience and education. Work related experience must include security experience as an insider risk/threat analyst, or security engineer, or a similar role in a Financial Institution environment. Hands on experience with investigative and/or insider risk tools, such as UEBA, DLP, EDR, Computer Forensics, Monitoring, Elastic SIEM, Incident Response, Databases, or data visualization tools in On-prem and Cloud environment. Proven experience using analytical and data visualization tools to automate the analysis of large dataset and correlate with other sources of information. Understanding and/or working knowledge of insider risks in the Dark and Deep Web underground forums. Working knowledge of Azure, Azure SQL and serverless compute environments. Experience developing Restful APIs, SQL data warehouses or data marts involving the extraction, transformation, and loading