Western Alliance Bancorporation - Columbus, OH
posted 4 days ago
About the position
Western Alliance Bank's (WAB) Business Information Security Office is responsible for analyzing and conducting assessments of insider related threats and vulnerabilities identified by the WAB Insider Risk Program, including policy violations, system alerts, and other reported threats to the confidentiality, integrity, and availability of information assets. The role will coordinate investigations involving a variety of highly technical and/or business functional stakeholders across the WAB enterprise. This is key to ensuring the proactive management of insider-related risk services in compliance with Western Alliance Bank policies, standards, and frameworks. This individual will work as part of a matrixed team of cybersecurity professionals in a structure designed to help them succeed in delivering best-in-class security to this stakeholder group.
Responsibilities
- Facilitate/conduct investigations by analyzing and verifying information through various investigative techniques, internal resources, forensics, and Insider threat tools such as Data Loss Prevention, Endpoint Detection and Response, Network Traffic Analysis & Deceptive Technology to detect malicious lateral movement & privilege escalation in On-prem and Cloud environment.
- Provide actionable Insider threat analysis for remediation on all escalations.
- Triage Insider Threat alerts within SLA guidelines.
- Collaborate with internal teams to drive insider threat program continuous improvement.
- Assess and make recommendations for improvement and refinement of use cases, software tools, and other risk reduction methods used to improve the insider threat program.
- Proven experience using analytical and data visualization tools to automate the analysis and provide insights of large dataset and correlate with Elastic SIEM and other sources of information and conduct investigative works into anomalies against established baselines to identify the root cause of an incident or suspicious event.
- Stay current with the latest cyber threats, attacks, and vulnerabilities, and updated with evolving and emerging attack techniques and methods.
- Maintain and update related insider threat documentations such as IT Standards and Standard Operation Procedures and carry out activities specified in these artifacts.
- Participate in various cybersecurity exercises such as cyber tabletop and BCP.
Requirements
- Bachelor's degree from a four-year college or university and eight (8) or more years of related experience and/or training; or a combination of experience and education.
- Work related experience must consist of an information security experience as an insider threat analyst, or security engineer, or a similar role, preferably with insider threat management experience in a Financial Institution environment.
- Hands on experience with investigative and/or insider threat tools, such as UEBA, DLP, EDR, Computer Forensics, Monitoring, Elastic SIEM, Incident Response, Databases, or data visualization tools in On-prem and Cloud environment.
- Understanding and/or working knowledge of insider threats in the Dark and Deep Web underground forums.
- Strong practical experience in cybersecurity: CMU Insider Threat Framework, MITRE ATT&CK Framework, Cyber kill chain, TTP, threat intelligence, malware triage.
- Strong understanding of Different Attacks on system, network, applications.
- Relevant industry certifications such as Elastic SIEM certification, CERT, CFE, CFCE, CISSP, GCIH, SANS, GIAC.
- Possess strong analytical skills, self-motivated, detail oriented and team player.
- Willing to learn and work in a collaborative manner with peers and team.
- Good interpersonal and communication skills.
- Able to work under pressure during critical situations.
- A passion for cybersecurity and data security.
Benefits
- Competitive salaries
- Ownership stake in the company
- Medical and dental insurance
- Time off
- Great 401k matching program
- Tuition assistance program
- Employee volunteer program
- Wellness program
