Settings

CAREERS

Insider Threat Program, Senior Threat Engineer

📁
Risk Management/Compliance
📅
63965 Requisition #
Apply for Job
Share this Job
Sign Up for Job Alerts

Insider Threat Program, Senior Threat Engineer Northern Trust is seeking motivated candidates to join our insider threat team. Our mission oriented team is responsible for protecting the confidentiality, integrity, and availability of Northern Trust people, technology, information, facilities, and reputation from malicious or unintentionally negative actions by Northern Trust partners, contractors, vendors, and trusted business partners. 


 Northern Trust has an immediate opening on the team for a motivated Insider Threat Program, Senior Threat Engineer who is up to date with the latest Insider Threat detection tools and techniques. This is a challenging yet rewarding position that provides an opportunity to leverage cutting edge technologies in pursuit of a vital mission that protects people, sensitive information/technologies, and the security posture of Northern Trust.


The work will be performed in the newly created Insider Threat Center, in Chicago This role must be able to prioritize work efforts - balancing operational tasks with longer-term strategic insider threat efforts.


Key Responsibilities

• Lead insider threat ethical hacking operations conducting in depth assessments and penetration tests against networks, endpoints, web/mobile applications, IOT devices, etc. to find design flaws and prevent insider threats from conducting malicious activity

• Triage data of anomalous events collected by User Activity Monitoring (UAM) Tools, and other data analytics tools, DLP, SIEM technologies, and sources to decipher underlying trends or uncover anomalies and discern obscure patterns and attributes of potential insider threat activity 

  • Performs independent assessments, ensuring that the processes, procedures, and designs of Northern Trust systems will be effective, functional and secure with the ability to deter, detect, and mitigate insider threats

• Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, i.e. fraud, theft, sabotage, and espionage

• Evaluates and applies insider threat (e.g. NITTF, CERT) best practices, policies and instructions to the insider threat program

• Provides guidance on potential insider threat investigations to program stakeholders on methodologies/techniques

• Collaborates with cross-functional teams of legal, privacy, human resources, cyber, and physical security functions to perform independent verification and validation analyses

• Prepares reports, presentations, research, and other program deliverables related to insider threat program assurance analyses performed Additional responsibilities will include:

• Collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purpose of documenting investigations, analyzing findings and provide insider threat metrics

• Experience with insider threat hunting, monitoring, investigations, techniques and technologies

• Collaborate with Insider Threat Team partners, data analytics team, and NTC3 to develop innovative Insider Threat capabilities to further enhance our proactive and reactive analytical process

Preferred Skills and Education:


• 7 years or more experience with a degree(s) in Systems Engineering, Information Systems, Business Process Engineering or other technical or behavioral degree related to the critical thinking disciplines of counterintelligence, investigations, and law enforcement o Working knowledge of interpreting and applying NIST, CERT, and NITTF standards in all program/system development life-cycle phases

o CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker

o Prior US Government (USG or USIC) experience is highly preferred

o Excellent writing and communication skills are required, and ability to interact/facilitate extremely well in group meeting/working environments.

o Expert level skills with UNIX, Linux, and/or Windows

o Ability to program effectively in at least one language such as Python, Ruby, or Java

o Great interest in both breaking and building to support insider threat operations Preferred but not required certifications:

• Insider Threat Program Manager Certification (ITPM)

• Insider Threat Vulnerability Assessor Certification (ITVA)

• Certified Counterintelligence Threat Analyst Certification (CCTA)

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

United States, Illinois, Chicago

📁 Risk Management/Compliance

Requisition #: 74304

United States, Illinois, Chicago

📁 Risk Management/Compliance

Requisition #: 71919

United States, Illinois, Chicago

📁 Risk Management/Compliance

Requisition #: 74196

Reasonable Accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please email our HR Service Center or call 1-800-807-0302 (North America), +630-276-5353 (Asia Pacific), +44(0)207 982 4357 (Europe, Middle East and Africa) and let us know the nature of your request and your contact information.

Equal Employment Opportunity Statements
  • APAC EEO Statement
    • APAC EEO STATEMENT

      It is the policy and practice of Northern Trust to provide equal employment opportunities to all employees and applicants. Northern Trust does not discriminate on the basis of race, colour, religion or belief, nationality, ethnic or national origin, sex, marital status, sexual orientation, disability or age. All employment decisions will be made in a non-discriminatory manner in accordance with our obligations under the law and codes of practice. This includes human resources’ decisions relating to recruitment, terms and conditions of employment, transfers, promotions and access to learning and development.

  • Canada EEO Statement
    • Canada EEO STATEMENT

      Northern Trust is an Equal Opportunity Employer. Hiring and other employment decisions at Northern Trust are made without regard to race, colour, religion, sex, ancestry, national origin, ethnic origin, age, disability, citizenship, veteran status, sexual orientation, record of offences, marital status, family status, or any other characteristic protected by federal, provincial, or local law, regulation, or ordinance.

  • EMEA EEO Statement
    • EMEA EEO STATEMENT

      It is the policy and practice of Northern Trust to provide equal employment opportunities to all employees and applicants. Northern Trust does not discriminate on the basis of race, colour, religion or belief, nationality, ethnic or national origin, sex, marital status, sexual orientation, disability or age. All employment decisions will be made in a non-discriminatory manner in accordance with our obligations under the law and codes of practice. This includes human resources’ decisions relating to recruitment, terms and conditions of employment, transfers, promotions and access to learning and development.

  • USA EEO Statement
    • USA EEO STATEMENT

      It is the policy of The Northern Trust Company to afford equal opportunity in all phases of employment without regard to an individual's age, race, color, religion, creed, gender, national origin, citizenship status, marital status, pregnancy, sexual orientation, gender identity, gender expression, genetic tests and information, physical or mental disability, protected veteran status or any other legally protected status. EEO poster (U.S.)EEO is Law Poster Supplement