Our Deloitte Enterprise Performance team is at the forefront of enterprise technology, working across finance, supply chain, and IT operations to deliver holistic performance improvement and digital transformation. Join our team of strategic advisers and architects, differentiated by our industry depth to collaborate with leading solution providers and leverage your experience in strategy, process design, technology enablement, and operational services to enable heart-of-the-business solutions.

QUALIFICATIONS

Required:

• Bachelor’s Degree
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
• Active TS/SCI security clearance required
• 4+ years of Intelligence/Investigation work experience in but not limited to the following areas: any/all of the intelligence disciplines, insider threat investigations, technical investigations, Cybersecurity ex: CSSP, financial fraud investigations
• Ability to be on site 100% of the time in San Antonio, Texas.
• Ability to travel 25%, on average, based on the work you do and the clients and industries/sectors you serve

Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.htm

As a Project Delivery Specialist II on the project, you will:

• Assist in maturing an operational User Activity Monitoring cell, including the development of playbooks and workflows for monitoring potential insider risks.
• Implement federal government and industry standards and best practices regarding insider threat programs
• Assist in the creation of a Gap Analysis on current User Activity Monitoring tools used in support of Insider Threat programs and make recommendations on industry best practices
• Conduct day-to-day analysis of complex and technical data sources to identify actions, behaviors, or incidents that may be indicative of risky activity or an insider threat/risk.
• Develop and improve insider threat modeling that leverages multiple streams of security information i.e. Security Information and Event Management (SIEM), User Behavior Analytics (UBA), Data Loss Prevention (DLP), User Activity Monitoring (UAM), and automated solutions in place
• Routinely brief program leadership and key stakeholders regarding anomalous behavior, case development, and key findings leading to successful incident mitigation.
• Leverage industry-leading interpersonal skills to coordinate with client’s business and technology leaders to develop and maintain programmatic solutions to insider threats.
• Lead and assist in the investigation of all incidents involving anomalous behavior/insider threats.