Roles and Responsibilities:
Develop IT pilots, user activity monitoring, and other IT architecture requirements, to include deployment of high-speed guard, cross domain solution and migration to the private enclave. The individual must have a strong understanding of how to configure and deploy user activity monitoring agents. They would further provide the following services:
- Must have experience with either Digital Guardian or Force Point Solutions software, and be able to configure, write triggers, manage the code and deploy agents. Prefer experience with both tools.
- Develop lifecycle concept, capability, policy, procedures and IT tools to stand up an IT/Audit Analysis and Reporting capability to support insider threat warning and detection.
- Conduct requirements analyses, assess configuration alternatives, and conduct cost-benefit, risk, and impact analysis in support of identifying the most effective insider threat tools for DoJ across a wide range of competitors.
- Conduct data analysis of insider threat auditing and monitoring software systems to detect, identify and refer threats to the appropriate entities, including reviews of data sources for a centralized analysis, reporting, and response capability.
- Contribute to insider threat processes to identify and develop insider threat leads for possible referral to investigators; conduct background IT records reviews to identify past behaviors relevant to the issue under review; provide comprehensive written reports to investigators, supervisors, human resources specialists, personnel security specialists, etc.
- Make recommendations to the government project leads on relevant emerging tools to leverage in support of insider threat.
- Coordinate on system architecture to ensure compliance with all requirements to ensure seamless systems and equipment integration of the IT tools.
- Conduct reviews and develop requirements, including but not limited to audit tools, monitoring systems, and existing IT software solutions.
- Generate and/or provide technical documentation as required for system accreditation as required.
- Attend and support meetings, formal reviews, conferences, and audits.
- Assist in review and development of reports, policy, plans, and other documentation as required to meet objectives of the program as required. Assure all recommended policies are in compliance with applicable laws, regulations and instructions.