HealthEquity
Insider Threat and DLP Principal Analyst
HealthEquity, Draper, Utah, United States, 84020
Job Locations
US-Remote
Overview
We are CONNECTING HEALTH AND WEALTH. Come be part of remarkable.
How you can make a difference
The Insider Threat Mgr is responsible for leading the Insider Threat, Data Loss Prevention, and Incident Response programs. A deep understanding of insider threat management, including program planning, risk identification, and operational execution is essential to this role. This role also requires proven expertise in developing and leading insider threat teams, crafting effective communication strategies, and implementing comprehensive security programs that safeguard organizational assets and data.
What you'll be doing
* Lead and collaborate on the maturity of the Insider Threat Program, Data Loss Prevention (DLP) Program, and Incident Response Program, with a focus on SOAR automation to streamline response processes.
* Review and update DLP and Incident Response policies, recommending modifications to enhance automated detection and response capabilities through SOAR.
* Develop strategies to prevent insider threat behavior, data leakage, or incidents by leveraging automated detection and response systems.
* Develop roadmaps for continuous improvement of the Insider Threat, DLP, and Incident Response Programs, ensuring SOAR automation is fully integrated into detection and remediation processes.
* Build processes for evaluating DLP alerts and automating response workflows using SOAR, including incident classification, automated responses, and coordination with key stakeholders.
* Review current technology capabilities, identify gaps in the DLP, Insider Threat, and SOAR ecosystems, and build a business case for new technologies if necessary.
* Evaluate new technologies and tools to improve DLP monitoring, insider threat detection, and incident response capabilities.
* Conduct analytical and critical thinking to assess DLP-related incidents, leveraging SOAR tools to identify trends, automate response actions, and recommend mitigation strategies.
* Provide advice and expert guidance on data security issues and SOAR integration, focusing on automating the remediation of insider threats and external adversaries.
* Build and implement processes and technologies to detect and respond to high-risk insider and data activities, either accidental or malicious.
* Design reporting mechanisms for potential or actual DLP violations, insider threats, and automated incident responses.
* Coordinate and collaborate with the SOC, IT, Help Desk, Fraud, Corporate Physical Security Risk teams, and Business Units (BUs) to mitigate risks and automate responses through SOAR for identified risks.
* Develop technical support documents, summaries, reports, presentations, and other materials related to DLP, SOAR integration, and Incident Response.
* Conduct regular risk assessments on critical assets, including trade secrets, PII, proprietary data, and IT systems, ensuring logging, monitoring, and automated responses are in place for all identified critical assets.
* Monitor and respond to suspicious or disruptive behaviors related to data loss or insider threats, ensuring incidents are automatically detected, escalated, and remediated using SOAR tools.
* Present briefings to leadership and key stakeholders on emerging risks, SOAR-driven efficiencies, and program performance.
* Develop a DLP and SOAR training curriculum for team members, ensuring proficiency in utilizing SOAR tools for automated detection, escalation, and remediation workflows.
* Collaborate with law enforcement, industry experts, internal stakeholders, and external peers to enhance the Insider Threat and DLP detection models, SOAR-driven response techniques, and incident response automation.
* Oversee daily operations and management of the DLP Program, SOAR-based response...

For full info follow application link.