Job Responsibilities
Insider Threat Analyst is an operational role within Group Security Operations Center. The incumbent will be responsible for the continuous monitoring, analyzing, and investigating of insider threats and data leakage incidents. He/She must have good analytical and investigative skills to recognize and detect anomalous behavior.
Key Responsibilities
- To participate in the day-to-day monitoring, triaging, and investigating of potential suspected anomalous usage behavior alerts
- To work with internal teams to validate alerts within stipulated SLA
- To perform analysis on usage behavior trends to discover potentially fraudulent activities
- To perform continuous review and improvement on current monitoring operations to enhance effectiveness of monitoring
- Work with external partners to resolve issues or implement improvement to monitoring
- To gain good understanding of internal business applications to be able to analyze, recognize and identify potentially anomalous activities
- Investigate Data Loss Prevention (DLP) alerts and escalate DLP incidents in accordance to the DLP incident response and handling procedures
- Carry out DLP System Ruleset change requests in accordance to change management procedures
- Support management reporting of DLP incidents and statistics for ad-hoc and monthly reporting
- Coordinate DLP audit requests; respond to questions or reporting requirements from local authorities as required
- To work with internal cyber security teams to ensure investigations are comprehensive and to track and follow up on all escalated incidents to closure
Job Requirements
Education
- Diploma/Degree in Business Information Technology/Business Analytics from recognized academic institutions
Technical Skills and Experience
- Minimum 2-5 years of relevant experience as an insider fraud/threat analyst in a financial institution
- Excellent analytical and investigative skills
- Prior experience with analytical platforms
- Experienced with working with machine learning enabled platforms would be advantageous
- Experience with administration and operation of DLP Systems preferred
- Experience in development and fine tuning of DLP Ruleset preferred
- Knowledge of Cyber Security would be advantageous
- Relevant working experience in SOC environment and related processes will be added advantages
Soft Skills
- Good communication skills
- Strong analytical and problem-solving skills
- Ability to adhere to work processes and procedures
Other Requirements
- Ability to work independently
- Ability to work well with the rest of the team and department