Mid-Level Insider Threat Management Analyst
AstraZeneca
AstraZeneca is a global, science-led biopharmaceutical business and our innovative medicines are used by millions of patients worldwide.
Location: Macclesfield
At AstraZeneca, we're dedicated to being a Great Place to Work where you are empowered to push the boundaries of science and unleash your ambitious spirit. There’s no better place to make a difference to securing medicine, patients, and society.
The Enterprise Technology Services (ETS) team is accountable for all Security, IT Operations, Infrastructure, and End User Services and Technologies. This group ensures that our IT Services are seamless and secure, delivered efficiently and effectively.
Introduction To Role
Cybersecurity Defence Operations (CSDO), which sits within ETS, is fundamental to enterprise information security and responsible for detecting, analysing, and responding to real or potential security incidents. The Insider Threat Management (ITM) Analyst specializes in the collection and analysis of incidents to proactively identify and mitigate potential data breaches at AstraZeneca.
Accountabilities
1. Utilize the SIEM solution to analyse incidents from diverse sources, generating actionable insights including rapid alerts, dashboards, and reports.
2. Monitor and investigate alerts generated by ITM systems to support investigations into potential data breaches.
3. Continuously monitor user activities and data transfer patterns to detect deviations from normal behaviour that may indicate insider threat activities.
4. Implement anomaly detection mechanisms to identify suspicious user behaviour and generate alerts for further investigation.
5. Collaborate with relevant support teams to gather data to support investigations into potential security incidents.
6. Generate reports and metrics on ITM incidents, trends, and effectiveness of controls for management and stakeholders.
Essential Skills & Experience
* Significant experience in Insider Threat Management.
* Degree in Information Security, Cyber Security, or relevant experience.
* Familiarity with Security Technologies (Endpoint Detection, SIEM, Office 365, etc.).
* Familiarity with Data Loss Prevention (DLP) and Insider Threat Management tools such as Zscaler, Microsoft Purview, Amazon Macie.
* Integrity and professionalism in handling sensitive information.
* Superb communication and interpersonal skills.
* Natural curiosity towards investigative analysis.
* Excellent written and verbal communication skills.
Desirable Skills & Experience
* A background in Cybersecurity Operations, eDiscovery, DLP, or Access Management.
* Experience with DLP controls and collaboration with stakeholders to develop and implement new DLP policies.
Ready to make an impact? Apply now!
Date Posted: 07-Feb-2025
Closing Date: 21-Feb-2025
Our mission is to build an inclusive and equitable environment. We welcome and consider applications from all qualified candidates. We offer reasonable adjustments/accommodations to help all candidates perform at their best.