Insider Threat & DLP Analyst

NBCUniversal’s Cyber Defense Operations team is responsible for providing operational support for the layered defense of tools and capabilities deployed at NBCUniversal to support the Threat Operations lifecycle in a highly collaborative, fast paced, and agile fashion. The Insider Threat and DLP Analyst provides expert-level contributions to NBCU’s Cyber Defense Team by protecting the company's critical assets from internal threats and reducing overall risk. This position will be looked upon as a subject matter expert (SME) in the fields of data loss prevention and insider threat escalation. This position will report to the Sr Director of Cyber Investigation and Insider Threat and will act as a member of the Insider Threat team as an individual contributor, working tickets, escalating and responding to identified insider threats and reporting findings in a clear and concise fashion. The ideal candidate would have a working knowledge of current and relevant security technologies and how to apply them to cyber investigation activities. A clear investigative methodology with a focus on preserving evidence and analyzing data to form conclusions that will steer DLP and Insider Threat analysis. Experience working in Cyber Operations, dispositioning security alerts, escalating findings for action and evaluating business intention. Experience responding to multi-faceted security issues and assisting with the coordination of subsequent enforcement activities and efforts prioritizing mission critical elements is ideal. Finally, a successful candidate will effectively communicate the findings of key Cyber investigations and services to deliver succinct and biased free summaries to the Cyber Leadership. Responsibilities: Perform highly sensitive and confidential investigations, including some digital forensic analysis, involving internal risks such as employee misconduct, intellectual property theft, embezzlement, misuse, harassment, and physical security threats. Lead proactive efforts to identify, disrupt, and protect NBCU from any internal threats that may undermine the integrity and operations of the business. Work closely with HR, legal, and compliance teams to address insider threat incidents. Monitor user activity and behavior to detect signs of potential insider threats. Investigate suspicious activities and incidents related to insider threats. Triage and Analyze DLP Alerts Contribute to the development of DLP policies, rules, and best practices. Collaborate with IT and security teams to integrate DLP controls with other security measures. Provide on call response as required for major event support Conduct high level forensic analysis of physical devices and other electronic data sources in support of internal investigations and other legal requests using forensically sound processes. Provide subject matter guidance and work collaboratively with incident response and other cyber security teams in the event of a cross-functional investigation. Drive continuous improvement across the Insider Threat team and its processes. Utilize a range of data sources, systems, and tools to collect, search, recover, sort, and organize large volumes of digital evidence during all phases of the investigative process. Develop behavior anomaly capabilities as the landscape evolves. Maintain awareness of new tactics and techniques used by insider threats and industry best practices. Assist team leadership with the development, collection, and publication of metrics that illustrate team performance and highlight obstacles thwarting team potential.