Insider Threat Hunt Analyst at Northern Trust

Chicago, Illinois, United States

Not SpecifiedCompensation

Mid-level (3 to 4 years)Experience Level

Full TimeJob Type

UnknownVisa

Financial Services, BankingIndustries

3+ years of experience in cybersecurity, preferably in Insider Threat, Digital Forensics, Threat hunting, or incident response
Proficiency in writing and tuning detection logic in SIEM platforms (e.g., Splunk, Sentinel, Elastic)
Strong understanding of cybersecurity principles, including SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions
Strong technical background in log analysis, data correlation, and behavioral analytics
Working knowledge of the MITRE ATT&CK framework
Excellent problem-solving skills and attention to detail

Conduct proactive threat hunts focused on potential insider threats using endpoint, network and cloud log data
Develop and refine insider threat detection use cases
Create and deploy insider focused threat detection rules
Recommend improvements to insider monitoring, alerting and automation
Collaborate with cross-functional teams on insider risk scenarios
Stay informed on the latest insider threat trends, tactics and techniques