Information security/Cyber security(Splunk+Jira+ SQL)

Role & responsibilities

Job Description:

Reporting to the Sr. Manager Insider Risk, the Investigations Analyst is a member of a team responsible for the ongoing assessment, triage and investigation of Insider Risk events within the UEBA platform.

The Investigations Analyst is responsible for the identification of events involving training integrity matters, Data Loss, misuse of network access or breaches of the Acceptable Use Policy.

The Investigations Analyst will work directly with the Sr. Manager of Insider Risk to assess and escalate incidents identified and collaborate with stakeholder to remediate the issues identified. The Investigation Analyst will also support ethics investigations by identifying and collecting digital forensic evidence within various platforms as required.

Accountabilities

Identify, assess, and escalate findings relating to insider risk events involving misuse of PwC assets, data exfiltration, mass deletion or aggregation of data. A key area of focus will be on training integrity alerting within the risk tool, which looks at behaviours consistent with answer sharing as well as technical investigation support. Work with the Sr. Manager, Insider Risk to escalate and remediate positive findings, recommend strategic security solutions and security control improvements specific to enhancing the identification of data security events.

Major Responsibilities

Provide 3 -5 major responsibilities of the role and identify key activities within each area. Indicate the percentage (%) of time normally spent on each major responsibility with the total equaling 100%.

Investigation Management (70%)

Review, triage and investigation system alerts for Training Integrity matters

Review, triage and investigation endpoint alerts in the Insider Risk platform

Monitor and assess potential Data Loss incidents as they arise

Assess, summarize, and escalate potential breaches to management

Assisting with related queries into high-risk employees for potential data loss, nefarious activities

Assist with the development of other operational/project documentation

Provide support to other teams within the broader Risk Management, as needed

Document incidents in PwCs case management system

Participate in annual audit and compliance testing

Generate monthly/quarterly reports and create dashboards for leadership

Support Ethics investigations related to monitoring and evidence collection

Project Management (20%)

Manage Insider Risk platform and write Jira script for correlation rules as required

• Develop and improve processes and procedures for data protection activities

Provide support on ad-hoc project work

Other Tasks and Responsibilities as assigned (10%)

Assist with special projects for the team as required