Lead Info Security Engineer Job in Principal Global Services

Responsibilities Collaborate with domestic and international business partners to understand how data is used and what protections are needed. Investigate and remediate suspected insider risk alerts in partnership with business teams with escalation to Security Operations Center as needed. Implement and manage access controls for access to sensitive data while ensuring compliance with company standards. Collect and analyze event metrics to identify trends and produce metric reporting. Conduct analysis to help determine insider control effectiveness and recommend solutions to improve data protection and insider risk. Communicate metrics and related information to a variety of internal audiences to inform where corrective action is needed to address gaps or areas of risk to meet business needs Partner with engineering team to define, build, and deliver solutions. Respond to business inquiries or problem tickets related to insider risk alerts Pursue opportunities to automate or enrich investigation and response processes. Perform reviews of activity for a given identity and determine if suspect behavior for that identity is probable. Fully document the results of identity activity reviews Identify, based on identity activity reviews, when we may have control gaps or inaccurate event data that should be filtered out. Required Skills: Knowledge of endpoint and data exploration tools (SIEM, EDM, UEBA, ELK, etc.) Use query languages/syntax to gain valuable insights from data Experience using ELK to query security logs for threat hunting Security-mindset from a risk perspective Partner with engineering team to define, build, and deliver solutions and resolve problems. Conduct analysis to help determine Insider Risk Threat effectiveness and recommend solutions to reduce Insider Risk. Generalist technical skills: comfortable with basic system administration and scripting languages, working with large data sets, and able to learn quickly when needed Inquisitive and curious tendencies! Ability to analyze quantitative and qualitative information to drive action. Excellent oral and written communication skills with ability to articulate technical and non-technical concepts. Excellent attention to detail Ability to handle multiple tasks and adjust workload based on priority Ability to design and automate your work and drive efficiency Ability to maintain confidentiality is essential! Strong analytical mindset, capable of identifying risk and vulnerabilities between controls Self-motivated to find solutions when no clear goal is presented Preferred Skills: Experience in information security, data loss, or fraud investigations Experience with data protection technologies such as DLP or CASB Demonstrated skill in scripting languages Pursue opportunities to automate or enrich investigation and response processes.