Insider Threat UAM Analyst

  • Full-time
  • Clearance: Top Secret/SCI

Company Description

At RED GATE we do everything we can to serve our clients:
Using the right technical skills, unique methodologies, best practices, and integrated technology, we help clients implement bold solutions. New approaches to emerging and evolving threats. Non-traditional ways to overcome entrenched obstacles. Advantage through opportunity. If you have a serious challenge or problem, we can help you solve it. The job description below provides details on how this role will help to serve our clients.

Organization Supported: The Deputy Chief of Naval Operations, Information Warfare (DCNO N2N6I SI) requires management support services to facilitate Warfighting, Manpower and Business transformation initiatives. The services are for strategic, operational and tactical level support regarding current and future Requirements Generation/Capability Development; Programmatic, Budgeting, Cost-Control; Strategic Governance; and Policy initiatives.

Job Description

The Department of the Navy established the Insider Threat Program in 2018 to prevent, detect, deter, and mitigate the impact of threats to Navy personnel, facilities, information, equipment, networks, and systems posed by individuals entrusted with access to or knowledge of the Navy’s critical assets and key resources. Under the direction of the Deputy Chief of Naval Operations for Information Warfare, the Navy Insider Threat Program is focused on acquiring and maintaining information protection technologies and associated support capabilities that enable the Department of the Navy to detect, analyze, and coordinate the mitigation of insider threats.

Red Gate supports the Navy Insider Threat Program by providing both executive- and basic-level services. Executive-level support includes short-term projects, special studies, strategic analyses, and senior leadership briefings. Basic-level support includes analytical, technical, programmatic, and financial management support; research and data collection; policy support; and other ad hoc tasks and assignments. The Information Assurance/Hub and User Activity Monitoring (UAM) Analyst provides analytic support in gathering, integrating, assessing, and referring information concerning potential insider threats that informs and enables effective response/mitigation by command, investigative, and other authorities to protect Navy personnel, information, and resources.

Responsibilities

  • Serve as a member of a government-led Insider Threat Fusion Cell/Analysis Team, with a focus on information assurance, computer network defense, and information security.
  • Collect and analyze information received from deployed agents on the Insight Anomaly Detection System.
  • Assist in the development and management of insider threat detection programs.
  • Perform one or more of the following functions: information assurance, cyber threat analysis, incident response, intrusion detection, network/computer forensics, data loss prevention, enterprise audit analysis, and/or audit/anomaly threat detection.
  • Conduct information technology audits, incident response, and/or network monitoring at the enterprise level using automated security tools.
  • Assist in the development and implementation of cyber, information assurance, security, and insider threat collection, analysis, and production tradecraft.
  • Assist in the integration and analysis of multiple relevant security data sources.
  • Assist in generating analysis reports and briefing other team members and/or senior management on analytical findings.
  • Develop insider threat and counter-insider threat tactics, techniques, and procedures, and supporting documentation.
  • Conduct security audit scans on software and hardware in the performance of assigned duties.
  • Provide training, as requested, on the use of government audit/anomaly threat detection technology.
  • Receive automated UAM/audit data and alerts from sensors deployed on the Navy’s classified and unclassified networks, conduct initial analysis, and provide feedback on data collected to detect cyber and insider threats.
  • Maintain and report weekly, monthly, quarterly, and annually on metrics associated with analytic operations.
  • Perform analyses of audit data and alerts to identify anomalous/suspicious activity, possible policy or security violations and the individuals responsible, other network or systemic risks presenting an avoidable opportunity for a malicious insider to exploit, and potential insider threats.
    • Document and forward findings to a government reviewer for further action.
    • Provide final analysis and assessment results to the government and assist the government in resolving identified discrepancies.
  • Coordinate with applicable points of contact across the client organization to resolve audit alerts as required by documented standard operating procedures for monitoring, detection, response, and reporting.
  • Collaborate with government leads to develop dashboards, filters, and audit policy triggers for audit capabilities and assist in refining triggers based on the analysis of evolving anomaly event activities across Navy classified and unclassified networks.
  • Support government team leads by engaging with other organizational elements to maintain awareness of known Advanced Persistent Threats, the evolution of cybersecurity and insider threat technology and methodology, and other related focus areas that could impact operational mission objectives.
  • Work with other team members and departments within the client organization to conduct security scans and implement standard technical installation guides and manual test procedures to test and document results pertaining to the security posture of the system.
  • Evaluate existing system policies, modify policies to achieve program objectives, and/or develop new policies.
  • Capture, document, develop and deliver lessons learned related to program operations, including technical/programmatic gaps, identifying successes and failures, and recommended solutions.
  • Assist in the development of business processes and workflows (technical or functional), standard operating procedures, and other program documentation.
  • Employ current best practices and state-of-the-art cyber, information assurance, security, and insider threat tactics, techniques, and procedures.
  • Participate in meetings, working groups, system demonstrations, and conferences as needed.
  • Provide briefings and presentation materials, conference or meeting materials, technical memoranda, and administrative reports.
  • Work with multiple organizations within the Navy responsible for systems control, integration, testing, security, and maintenance, as well as appropriate privacy and legal authorities and external partners.
  • Provide weekly status reports to government team leads, including work performed during the week, accomplishments, plan for work to be performed during the upcoming week, identification and discussion of any risks or issues related to assigned tasks, and target delivery dates of associated products.

Qualifications

Required Skills/Qualifications

  • Bachelor’s degree with demonstrated practical experience performing the duties and responsibilities described above (experience may substitute for education)
  • At least 5 years of experience in one or more of the following areas – insider threat, all-source analysis, counterintelligence, personnel security, cybersecurity, criminal justice/investigative analysis, risk management, or security operations, preferably within the Department of Defense or other federal departments and agencies
  • Certified Information Systems Security Professional or Security+ certification
  • Experience using security information and event management tools (e.g., HP ArcSight and McAfee ePO Host Based Security System)
  • Demonstrated knowledge of analytic processes and various research tools, systems, procedures, and methods of analyzing, compiling, reporting, and disseminating insider threat information/data; handling sensitive and protected information
  • Superb oral and written communication skills

Desired Skills/Qualifications

  • Completion of National Insider Threat Task Force Insider Threat Hub Operator’s Course and Department of Defense Counter-Insider Threat Professional-Analyst certification
  • Information Assurance Technical or Information Assurance Management Level III certification
  • Experience supporting the Department of the Navy or Insider Threat programs

 

Additional Information

The Red Gate Group, Ltd. is an Equal Opportunity/Affirmative Action Employer. The Red Gate Group, Ltd. considers applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law. EEO is the Law.
