Insider Threat - Cyber Intel Analyst - Military Veterans

Company: Lockheed Martin Corporation
Location: Denver
Posted on: November 22, 2021

Job Description:

MILITARY VETERANS **Description:** This Lockheed Martin /(LM/) Cyber Intelligence Analyst position will report to the Computer Incident Response Team /(CIRT/) Insider Threat Associate Manager within Corporate Information Security /(CIS/)/. The position will be required to obtain and maintain a DOD clearance, as well as the ability to adhere to the highest standards of ethics and professional conduct/. This is a highly hands/-on technical role and candidates must be comfortable working in a dynamic and fast/-paced operational environment, which occasionally can require the flexibility to work off hours/.This role utilizes expertise in data analytics of various operating system, network, and security infrastructure logs to identify potential insider threats within the organization/. The position is responsible for developing new detections leveraging statistical analysis and machine learning, integrating those detections into an existing framework/. In addition, the position would be focused on advancing the existing framework to incorporate prediction machine learning models and striving for autonomous decision making/. This position relies on in/-depth knowledge of Splunk's Machine Learning Toolkit, and utilization of built in statistical anomaly detection/. The role will work with various teams within the organization when additional logging is needed and provide detections supporting the Insider Threat and Investigations missions/.Responsibilities include, but are not limited to, the following:/- Sustainment and maintenance of machine learning models, detections, and baselines supporting the Insider Threat mission/./- Development of additional data sets and baselines that further advance framework leveraged by the Insider Threat team/./- Development and advancements of detections leveraged by framework to build out risk awareness within the corporation/./- Development of integrations between coding platforms to support Insider Threat mission/./- Ability to work with teams outside of the Investigations group to understand broad mission sets and provide high fidelity indicators for those groups/.We are looking for candidates with a strong work ethic, capable of learning quickly, and operating independently/. Candidates must have good communication skills and have experience in forensic analysis and insider threat detection/. Domain knowledge and experience in cyber security trade craft is also welcomed/.WORK LOCATIONS FOR THIS POSITION ARE; Rockville, MD - Orlando, FL - Denver, CO/. Remote work capabilities can be discussed/. Relocation is not included/.**Basic Qualifications:**/- Ability to obtain and maintain appropriate DOD security clearance/- Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master's degree/- Demonstrated experience in data analytics, data science, and/or machine learning use case development/- Unix/Linux command line experience/- Demonstrated experience building scripts and detections utilizing different programming languages /(Python, SPL, YARA, Powershell, etc/./)/- Demonstrated experience and proficiency with SIEM tools /(Splunk, Kabana, Graylog/)**Desired Skills:**/- Demonstrated effective organizational, technical, customer service, and teaming skills/- Strong verbal and written communication skills/. Candidate must be able to effectively convey ideas and analysis findings to investigators, senior management, team members, and other people throughout the company as a Subject Matter Expert/- Demonstrated problem solving skills and self/-starter work style: Additional work experience in any of the following areas is a plus: intelligence analysis, system administration, information assurance, or network security/architecture/- Demonstrated experience in creation of custom content in Splunk /(Reports, Dashboards, Alerts/)/- Demonstrated experience in utilizing Splunk Applications /(Machine Learning Toolkit, Enterprise Security, Splunk UBA, Splunk Phantom/)/- Conceptual understanding of security issues facing enterprises including economic espionage and insider threats/- Conceptual understanding of the Lockheed Martin Cyber Kill Chain and Intelligence Driven Response/- Hold one or more certifications, such as: Splunk Certified Power User, SANS GIAC /(e/.g/. GSEC, GCFE, GCFA, GCIH/), CFCE, CCFE, ENCE, ACE, or CISSP**BASIC QUALIFICATIONS:**job/.Qualifications**Lockheed Martin is an Equal Opportunity/Affirmative Action Employer/. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status/.**Join us at Lockheed Martin, where your mission is ours/. Our customers tackle the hardest missions/. Those that demand extraordinary amounts of courage, resilience and precision/. They're dangerous/. Critical/. Sometimes they even provide an opportunity to change the world and save lives/. Those are the missions we care about/.As a leading technology innovation company, Lockheed Martin's vast team works with partners around the world to bring proven performance to our customers' toughest challenges/. Lockheed Martin has employees based in many states throughout the U/.S/., and Internationally, with business locations in many nations and territories/.**EXPERIENCE LEVEL:**Experienced Professional

Keywords: Lockheed Martin Corporation, Denver , Insider Threat - Cyber Intel Analyst - Military Veterans, Professions , Denver, Colorado