Talent.com
Insider Threat Engineer (Baltimore)

ClearanceJobs • Baltimore, MD, United States
Job type: Full-time

Insider Threat Engineer

Leidos is seeking a highly skilled and experienced Insider Threat Engineer to support and maintain an enterprise-wide insider threat detection and response program at the Social Security Administration (SSA). This position focuses on advancing the agency's capabilities in user activity monitoring, automation, data loss prevention, and technical threat detection to prevent unauthorized disclosures, fraud, and abuse. The candidate will be instrumental in delivering analytical and engineering support to the Insider Threat Program Management Office (PMO) and may be required to deliver and receive sensitive briefings within SSA secured spaces such as the SCIF or approved alternate secure locations. Join a high-performing cybersecurity team responsible for safeguarding the agency's data and supporting the SSA's mission to serve over 65 million Americans monthly.

If this sounds like a mission you want to be a part of, keep reading!

TEAM CULTURE

Your passion and values might be a good fit for our teams if you answer yes to the following questions:

  • Are you looking for a company that puts employees first, with a focus on career, flexibility, and well-being?
  • Do you enjoy collaborating with colleagues and teammates and believe that the best ideas are fostered in an inclusive environment?
  • Are you searching for a team with a strong sense of ownership, urgency, and drive for daily mission success?
  • Are you comfortable with proactive outward communication and technical leadership?
  • Do you enjoy being a catalyst, solving complex problems, and providing innovative solutions?
  • Do you have the flexibility, creativity, and resilience to pivot the mission for success?
  • Do you have the courage to make tough ethical decisions with pride, transparency, and respect?

MENTORSHIP & CAREER GROWTH

Our teams are dedicated to supporting new team members in an environment that celebrates knowledge sharing and mentorship. Experienced team members will be assigned to new hires for one-on-one mentoring, collaborative reviews, and coaching on customer engagement to help each new hire successfully onboard and demonstrate their skills. Projects and tasks are assigned in a way that leverages your strengths and will help you further develop your skillset.

KEY RESPONSIBILITIES

Every position we take is more rewarding when you know the why behind it. Know your work makes a difference to support those who need it most. If your passion is enabling life-changing service to those around you, this is the place for you. Find your passion in a team environment where all members are valued regardless of contractor or employee status.

Technical Engineering and Automation

  • Engineer, implement, and maintain User Activity Monitoring (UAM) and Data Loss Prevention (DLP) solutions, ensuring continuous visibility into user behavior and sensitive data usage.
  • Configure, maintain, and optimize Trellix endpoint security and DLP capabilities for insider threat use cases.
  • Experience leveraging Trellix DLP to detect and investigate insider threat behaviors, including sensitive data exfiltration, unauthorized file transfers, and anomalous user activity.
  • Automate detection, alerting, and reporting processes using Python, Ansible, or JSON to increase efficiency and accuracy.
  • Integrate UAM and DLP solutions with other enterprise cybersecurity tools (e.g., SIEM, SOAR, EDR, Trellix platform).
  • Develop dashboards and reports that highlight key insider threat indicators, anomalous activity, and program performance metrics.
  • Perform SOC related activities including monitoring, triaging, and investigating insider threat and DLP alerts to support timely detection and response.
  • Basic understanding of networking, cybersecurity principles, and experience with common security tools (e.g., firewalls, SIEM, DLP, endpoint security, vulnerability scanners).
  • Experience with Splunk for log analysis and developing use cases to support insider threat detection and reporting.
  • Demonstrated adaptability with an open mind toward learning new technologies and taking on challenging responsibilities in a dynamic environment.

Cyber Threat Detection & Analysis

  • Develop and refine methods to extract, analyze, and correlate data from SSA IT systems to proactively detect potential insider threats.
  • Monitor and analyze trends in cyber activity and anomalous behavior to assess risks to SSA's confidentiality, availability, and integrity.
  • Leverage feeds, incident reports, and threat briefs to assess relevance to SSA's environment and enhance the program's threat modeling capability.

Policy, SOP Development & Reporting

  • Prepare and present insider threat briefings to program leadership and executives, following agency writing and presentation standards.
  • Contribute to Insider Threat Work Status Reports with detailed analytics, visuals (charts / dashboards), and recommendations.

FOUNDATION FOR SUCCESS (Basic Qualifications)

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • Proven experience in cybersecurity, Trellix DLP or Palo Alto, or a related area.
  • Hands-on experience with Trellix Data Loss Prevention (DLP) for monitoring, detecting, and controlling sensitive data movement across endpoints, email, and network channels.
  • Good understanding of networking and firewall fundamentals, including how monitoring tools interact across segmented architectures.
  • Familiarity with Palo Alto Networks firewalls and their logging capabilities (useful for correlating user activity across layers).
  • Strong analytical and problem-solving skills; ability to make data-driven recommendations.
  • Excellent written and verbal communication skills, particularly in conveying technical insights to leadership.
  • Must be able to obtain and maintain a Public Trust. Contract requirement.
  • Selected candidate must be willing to work on-site in Woodlawn, MD 5 days a week.

FACTORS TO HELP YOU SHINE (Required Skills)

  • Experience in using Splunk ES or enterprise Splunk is a plus.
  • Ability to make decisions based upon analysis of documentation.
  • Experience with endpoint monitoring tools, SIEM / SOAR integrations, and identity-based risk scoring.
  • Working knowledge of DLP, EDR, or behavioral analytics platforms in support of insider threat detection.
  • Experience working in a classified environment and delivering briefings in SCIF settings.
  • Understanding of NIST 800-53 and related to Insider Threat Programs.

HOW TO STAND OUT FROM THE CROWD (Desired Skills)

Showcase your knowledge of modern development through the following experience or skills:

  • Experience with federal regulatory requirements and compliance standards related to cybersecurity.
  • Knowledge of programming, Splunk automation, network and firewall operations.
  • Familiarity with security tools and technologies used for threat detection and analysis.
  • Security certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are a plus.

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams and contribute to our communities. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. Every position we take is more rewarding when you know the why behind it. Know your work makes a difference to support those who need it most. If your passion is enabling life-changing service to those around you, this is the place for you. Find your passion in a team environment where all members are valued regardless of contractor or employee status. We are excited for you to take your place in our Leidos Family.

Are you a US citizen, US resident, or Visa candidate and think you might fit? We recommend you apply and start the conversation today! Join us in supporting our SSA contracts in Woodlawn, Maryland.

At Leidos, we don't want someone who fits the mold; we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask "what's next?" before the dust settles on what's now. If you're already scheming step 20 while everyone else is still debating step 2, good. You'll fit right in.
