Mid-Level Insider Threat Management Analyst
AstraZeneca
AstraZeneca is a global, science-led biopharmaceutical business and our innovative medicines are used by millions of patients worldwide.
Location: Macclesfield
The Enterprise Technology Services (ETS) team is accountable for all Security, IT Operations, Infrastructure, and End User Services and Technologies. This group ensures that our IT Services are seamless and secure, and that technology is delivered efficiently, effectively, and agilely, with a strong focus on experience.
Introduction To Role
Cybersecurity Defence Operations (CSDO), which sits within ETS, is fundamental to enterprise information security and responsible for detecting, analysing, and responding to real or potential security incidents. The Insider Threat Management (ITM) Analyst specializes in the collection and analysis of incidents to proactively identify and mitigate potential data breaches at AstraZeneca.
Accountabilities
1. Utilize the SIEM solution to analyse incidents from diverse sources, generating actionable insights including rapid alerts, dashboards, and reports.
2. Monitor and investigate alerts generated by ITM systems to support investigations to determine the root cause and severity of potential data breaches.
3. Continuously monitor user activities and data transfer patterns to detect deviations from normal behaviour that may indicate insider threat activities.
4. Implement anomaly detection mechanisms to automatically identify suspicious user behaviour and generate alerts for further investigation.
5. Collaborate with relevant support teams to gather data to support investigations into potential security incidents, insider threat, data loss and legal discovery requests.
6. Generate reports and metrics on ITM incidents, trends, and effectiveness of controls for management and stakeholders.
Essential Skills & Experience
1. Significant experience in Insider Threat Management.
2. Degree in Information Security, Cyber Security (or relevant experience).
3. Familiarity with Security Technologies (Endpoint Detection, SIEM, Office 365 product, etc.).
4. Familiarity with Data Loss Prevention (DLP) and Insider Threat Management tools such as ZScaler, Microsoft Purview, Amazon Macie, etc.
5. Adaptability and a willingness to learn new technologies and methodologies to stay ahead of evolving threats and prevention strategies.
6. Integrity and professionalism in handling sensitive information and maintaining confidentiality throughout investigations and incident response activities.
7. Superb communication and interpersonal skills to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical audiences/key partners.
8. A natural curiosity towards investigative analysis, with a proactive approach to uncovering potential incidents and a proclivity to delve deeper into the root causes of security incidents, enabling comprehensive understanding and effective resolution.
9. Excellent written and verbal communication skills.
Desirable Skills & Experience
1. A background in either Cybersecurity Operations, eDiscovery, DLP, or Access Management.
2. Experience with DLP controls and collaboration with stakeholders to develop and implement new DLP policies and procedures tailored to organizational requirements.
When we put unexpected teams in the same room, we unleash bold thinking with the power to inspire life-changing medicines. In-person working gives us the platform we need to connect, work at pace, and challenge perceptions. That's why we work, on average, a minimum of three days per week from the office. But that doesn't mean we're not flexible. We balance the expectation of being in the office while respecting individual flexibility.
At AstraZeneca, when we see an opportunity for change, we seize it and make it happen, because any opportunity, no matter how small, can be the start of something big. Protecting the people, processes, and technologies required to develop and deliver life-changing medicines is about being entrepreneurial - finding those moments and recognizing their potential.
Ready to make an impact?
Apply now!
Date Posted: 07-Feb-2025
Closing Date: 21-Feb-2025
Our mission is to build an inclusive and equitable environment. We want people to feel they belong at AstraZeneca and Alexion, starting with our recruitment process. We welcome and consider applications from all qualified candidates, regardless of characteristics.
#J-18808-Ljbffr