

Insider Threat Engineer
Featured Role | Apply direct with Data Freelance Hub
This role is for an Insider Threat Engineer with a 6-month contract in Woodlawn, MD, offering a pay rate of "$XX/hour." Required skills include UAM solutions, Splunk proficiency, and automation with Ansible/Python. A bachelor's degree and Public Trust clearance are mandatory.
Country: United States
Currency: $ USD
Day rate: -
Date discovered: August 13, 2025
Project duration: Unknown
Location type: On-site
Contract type: Unknown
Security clearance: Unknown
Location detailed: Woodlawn, MD
Skills detailed: #Monitoring #Data Pipeline #ETL (Extract, Transform, Load) #Data Ingestion #Computer Science #Compliance #Security #Cybersecurity #Leadership #Firewalls #Ansible #JSON (JavaScript Object Notation) #Documentation #Python #Automation #Splunk #Logging
Role description
Dice is the leading career destination for tech experts at every stage of their careers. Our client, International Software Systems, Inc, is seeking the following. Apply via Dice today!
Key Required Skills:
Technical Engineering and Automation, Cyber Threat Detection & Analysis, Policy, SOP Development & Reporting
Position Description:
Technical Engineering and Automation
• Contribute to Insider Threat Work Status Reports with detailed analytics, visuals (charts/dashboards), and recommendations.
• Engineer, implement, and maintain User Activity Monitoring (UAM) solutions, ensuring continuous visibility into user behavior and privileged activity.
• Build and maintain Splunk dashboards to visualize UAM data, insider threat indicators, and program metrics.
• Automate repetitive tasks and data pipelines using Ansible, Python, or JSON to enhance detection, alerting, and reporting efficiency.
• Support integration of UAM with other enterprise cybersecurity tools and platforms (e.g., SIEM, DLP, EDR, SOAR).
• Collaborate with the SOC, forensic analysts, and cyber threat intel units to enrich UAM data with contextual intelligence.
Cyber Threat Detection & Analysis
• Develop and refine methods to extract, analyze, and correlate data from SSA IT systems to proactively detect potential insider threats.
• Monitor and analyze trends in cyber activity and anomalous behavior to assess risks to SSA's confidentiality, availability, and integrity.
• Leverage feeds, incident reports, and threat briefs to assess relevance to SSA's environment and enhance the program's threat modeling capability.
• Collaborate with internal partners such as the cyber threat intelligence, supply chain risk, and forensic investigation teams to share findings and develop holistic mitigations.
Policy, SOP Development & Reporting
• Assist with the enhancement and documentation of enterprise-wide Standard Operating Procedures (SOPs) related to Insider Threat use cases and detection logic.
• Prepare and present insider threat briefings to program leadership and executives, following agency writing and presentation standards.
Skills Requirements:
FOUNDATION FOR SUCCESS (Basic Qualifications)
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Proven experience in cybersecurity, insider threat analysis, or a related area.
• Demonstrated experience deploying and managing User Activity Monitoring (UAM) solutions in production.
• Proficiency in Splunk including dashboard development, data ingestion, and search optimization.
• Hands-on skills with Ansible, Python, and JSON for automation and data parsing.
• Solid understanding of networking and firewall fundamentals, including how monitoring tools interact across segmented architectures.
• Familiarity with Palo Alto Networks firewalls and their logging capabilities (useful for correlating user activity across layers).
• Strong analytical and problem-solving skills; ability to make data-driven recommendations.
• Excellent written and verbal communication skills, particularly in conveying technical insights to leadership.
• Must be able to obtain and maintain a Public Trust. Contract requirement.
• Selected candidate must be willing to work on-site in Woodlawn, MD 5 days a week.
FACTORS TO HELP YOU SHINE (Required Skills) These skills will help you succeed in this position:
• Demonstrated experience deploying and managing User Activity Monitoring (UAM) solutions in production.
• Ability to make decisions based upon analysis of documentation.
• Experience with endpoint monitoring tools, SIEM/SOAR integrations, and identity-based risk scoring.
• Working knowledge of DLP, EDR, or behavioral analytics platforms in support of insider threat detection.
• Experience working in a classified environment and delivering briefings in SCIF settings.
• Understanding of NIST 800-53 as related to Insider Threat Programs.
HOW TO STAND OUT FROM THE CROWD (Desired Skills) Showcase your knowledge of modern development through the following experience or skills:
• Experience with federal regulatory requirements and compliance standards related to cybersecurity.
• Knowledge of programming, Splunk automation, network and firewall operations.
• Familiarity with security tools and technologies used for threat detection and analysis.
• Security certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are a plus.
Education:
• Bachelor's degree with 7+ years of experience
Must be able to obtain and maintain a Public Trust. Contract requirement.