Job Description :
This job is responsible for insider threat analysis, insider risk categorization, and cyber behavior for the organization. Leverages the organization’s security technology to collect, parse, and report on both the general and organizationally specific behaviors. Consults with internal and external resources, partnering with stakeholders across the organization to assist the business with making informed decisions. As part of delivery, the position will assist leadership to ensure sustainability through our organizational change management methodology and security behavior engagement. Supports the development of dashboards, scorecards, forecasting, trending, tracking results, and executive presentations.
- Develop, implement, and continuously improve a proactive program to identifying internal threats.
- Establish close relationships with business stakeholders outside of the security discipline, working closely with privacy, physical security, fraud, legal, human resources and senior leadership.
- Perform predictive analysis of behavior, anomalies, and concerns to identify internal threats.
- Execute campaigns designed to improve enterprise security posture.
- Continually enhance insider risk program to increase efficiencies and measure program effectiveness and report accordingly on progress.
- Utilize change management methodologies to mitigate identified security risks.
- Provide insider threat support to security operations and incident response teams in advance of and during cyber security incidents.
- Ensure clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, identifying impact to the business and to consumers, helping shape remediation, and developing external and internal communications.
- Ensure the education and awareness program is aligned with the Information Security Program, Policies and Standards.
- Other duties as assigned or requested.
- Bachelor’s Degree in Business Education, Marketing or Information Systems
- Six (6) years relevant, progressive experience
- Master’s Degree in Business Administration or Business Management
- 3 years in IT or IT Security Focus
- 3 years of Insider Threat Program focus
- 3 years with Human Intelligence (HUMINT) OR as an Open-source Intelligence Analyst
- 3 years of Insider Risk Analysis
- 3 years as a Security Operations Center Analyst
LICENSES or CERTIFICATIONS
- Security + OR
- GSEC OR
- CISSP OR
- CERT Insider Threat
- Change Management
- Presentation Delivery
- Analytical and Logical Reasoning/Thinking
- Communication Skills
- Cyber Security
- User Behavior
- Continuous Improvement
Language (Other than English):
0% – 25%
PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS
Teaches / trains others regularly
Travel regularly from the office to various work sites or from site-to-site
Works primarily out-of-the office selling products/services (sales employees)
Physical work site required
Lifting: up to 10 pounds
Lifting: 10 to 25 pounds
Lifting: 25 to 50 pounds
Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.
Compliance Requirement: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies.
As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy.
Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/ProtectedVeterans/Disabled/Sexual Orientation/Gender Identity (http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf)
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.
For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org
California Consumer Privacy Act Employees, Contractors, and Applicants Notice