SECURITY SPECIALIST (INSIDER THREAT)

Full Job Description

This position is part of the Defense Threat Reduction Agency.

The incumbent will be responsible for performing a variety of analytical, planning, operational, and evaluative duties associated with the Insider Threat (InTP) Program..

You may qualify at the GS-13, if you fulfill the following qualifications: A.

One year of specialized experience equivalent to the GS-12 grade level in the Federal service: Conducting independently insider threat, security, counterintelligence and/or force protection briefings to senior leadership.

Providing security, insider threat and counterintelligence support to Department of War operations and activities.

Conducting research and analysis on matters of insider threat, security, counterintelligence or force protection concern.

Conducting insider threat, security, counterintelligence and/or assessments in reference to risk management. Major Duties:

As a SECURITY SPECIALIST (INSIDER THREAT) at the GS-0080-13 some of your typical work assignments may include: Serves as a technical expert for the Insider Threat Program, responsible for the analysis of data from various sources to identify anomalous behavior and potential threats.

Utilizes User Activity Monitoring (UAM) tools, security information and event management (SIEM) systems, and other data analytic platforms to detect and flag potential insider threat indicators.

Conducts complex inquiries and preliminary investigations into potential insider threat matters.

This involves correlating data from multiple sources (e.g., personnel records, system logs, security reports, and counterintelligence data) to assess the credibility and severity of a potential threat.

Prepares detailed reports of analysis and inquiries, documenting findings and providing recommendations for further investigation or other mitigating actions.

Liaises with counterintelligence (CI) investigators, law enforcement, and other security professionals to transition cases when established thresholds are met.

Maintains deep knowledge of cyber attacker methodologies and intrusion stages to recognize patterns and correlate incident data to specific vulnerabilities.

Develops, implements, and evaluates the effectiveness of the organization's Insider Threat Program policies and procedures.

Formulates and recommends changes to policies, standards, and procedures based on new threats, technologies, or regulatory requirements.

Establishes criteria for identifying and analyzing trends in security violations and measures program effectiveness.

Serves as a subject matter expert on insider threat matters, providing authoritative advice and guidance to senior leadership, program managers, and other personnel.

Represents the organization in working groups, committees, and conferences related to insider threat.

Conducts comprehensive risk and vulnerability assessments of systems, processes, and personnel to identify potential avenues for exploitation by an insider.

Analyzes proposed changes in mission, organizational structure, or technology to assess their impact on the insider threat posture.

Recommends security controls and countermeasures to mitigate identified risks.

Coordinates with IT and cybersecurity personnel to ensure that system and network hardening techniques are in place and effective against insider threats.

Develops and delivers insider threat awareness training and education programs for the workforce.

This includes initial briefings for new personnel, annual refresher training, and specialized training for supervisors and personnel in critical or sensitive roles.

Creates and disseminates awareness materials (e.g., newsletters, posters, briefings) to promote a culture of security and vigilance throughout the organization.