The Consortium, Inc.

Senior Security Analyst - Ad hoc queries, Splunk

The Consortium, Inc. - Rockville, MD, United States

Our client is looking for a Senior Security Analyst. This position will play a key role in all analytical aspects, including anomaly detection and categorization, strategic guidance assigned to infrastructure, and assistance in risk strategies. The position will also include analytical support and statistical insight for standardized and ad-hoc reports.
Essential Job Functions:
Review alerts triggered from insider risk, data loss and UEBA consoles and determine whether the risk is real or normal work. Perform ad-hoc searches using Security Incident and Event Management (SIEM) (Splunk) dashboards, and User and Entity Behavior Analytics (UEBA), User Activity Monitoring (UAM) and Data Loss Prevention (DLP) tools, looking for additional insider risk issues. Create reports of insider risk and/or data loss incidents and present findings to management. Provide feedback and suggestions on improving the analysis and rules used for user behavior analysis.
• Identifies gaps in information insights that may help with detecting and assessing insider concerns
• Helps identify and obtain log information and other contextual data for use in insider threat detection and assessments
• Receives alerts from key stakeholders throughout the organization on anomalous activity (information systems, physical and behavioral)
• Support insider risk prevention, including supporting the security education, awareness, and training efforts.
Other Job Functions:
• Perform other duties and responsibilities as assigned.

Essential Education/Experience Requirements:
• At least one (1) year of professional experience with a B.S. degree in computer science, or at least three (3) years of experience, to include:
• Knowledge and use of DLP Tools.
• Knowledge and use of UEBA Tools.
• Knowledge and use of SIEM and/or logging tools and the ability to perform complex ad-hoc queries.
• Must be proactive, and have the ability to work independently/efficiently, as well as the ability to work collaboratively with cross-functional teams
• Must be able to learn quickly and apply new tools and techniques
• Attention to detail
• Strong written and verbal technical communication skills.
Preferred Skills and Education:
• Insider threat experience a plus
• Knowledge of Splunk Programming Language (SPL) that supports queries a plus
• Knowledge of PowerBI a plus


For consideration, please submit your resume as a MS Word attachment to

 The Consortium

"Combining Talent with Technology"


Posted On: Thursday, October 27, 2022
Compensation: up to $55/hour W-2
