Can I apply directly for this job on this page?

You can apply directly on this page using our quick application form. Your application is sent immediately to the hiring team, and no account is required.

What is the role of a AOUSC - Insider Threat Analyst Lead at cFocus Software Incorporated?

The AOUSC - Insider Threat Analyst Lead position at cFocus Software Incorporated is a Full-Time opportunity in the Safety field.

Where is this AOUSC - Insider Threat Analyst Lead job located?

Washington, District of Columbia, 20001, United States

What is the expected salary for this AOUSC - Insider Threat Analyst Lead job?

Compensation will be discussed during the hiring process.

AOUSC - Insider Threat Analyst Lead job near me in Washington, District of Columbia at cFocus Software Incorporated | Jobs and Employment

cFocus Software seeks a Insider Threat Analyst Lead to join our program supporting the Administrative Office of the United States Courts (AOUSC). This position is Hybrid with the onsite location being in Washington, DC. This position requires a Public Trust clearance.
Qualifications:

Active Public Trust clearance
B.S. Computer Science, Information Technology, or a related field
5+ years’ experience in conducting in-depth technical analysis of insider threat
3+ years’ experience in conducting behavioral analytics
2+ years of experience using Splunk SIEM to correlate cybersecurity alerts.
2+ years of experience managing overall case management for cybersecurity investigations.
Active CCITP Program certification

Duties:

Lead and support the operationalization of the AOUSC Insider Threat Program (InTP) in accordance with NITTF Minimum Standards and Judiciary cybersecurity directives.
Develop and maintain Insider Threat governance frameworks including authorities, escalation paths, communication cadence, workflows, and operational procedures.
Collaborate with AO Human Resources (HR), Office of General Counsel (OGC), Insider Threat Branch (ITB), Cybersecurity Triage, Incident Response, Threat Hunting, and Cyber Threat Intelligence teams to support enterprise-wide insider risk management efforts.
Develop, coordinate, and maintain a comprehensive suite of Standard Operating Procedures (SOPs) supporting Insider Threat operations and investigative processes.
Design, document, and operationalize insider threat use cases, indicators, triggers, tuning methodologies, and feedback loops for integration into the existing SIEM and detection engineering framework.
Support the identification, analysis, and mitigation of insider threat risks including malicious insiders, negligent users, privileged misuse, policy violations, data exfiltration, and anomalous user behaviors.
Analyze telemetry, user activity, endpoint logs, audit records, and security events to identify potential insider threat activity and emerging organizational risks.
Coordinate with Detection Engineering teams to refine insider threat alerting logic, improve visibility, and reduce false positives within existing alerting frameworks.
Develop insider threat awareness materials, workforce training, executive briefings, and organizational awareness campaigns.
Provide executive-level and technical reporting on insider threat trends, program status, organizational risks, and operational impacts.
Conduct periodic assessments and audits to evaluate program effectiveness, identify process gaps, and recommend governance, tooling, policy, and procedural improvements.
Develop and maintain insider threat metrics, KPIs, and operational reporting dashboards.
Participate in weekly technical meetings and monthly program management reviews with AO stakeholders and leadership.
Prepare written reports, meeting minutes, executive summaries, operational updates, and briefing materials supporting government oversight and decision making.
Coordinate insider threat investigations with cybersecurity operations teams while ensuring compliance with legal, HR, privacy, and Judiciary policy requirements.
Support transition-in, transition-out, operational readiness, and knowledge transfer activities in accordance with AOUSC SOD requirements.
Maintain awareness of emerging insider threat trends, adversary methodologies, behavioral analytics techniques, and federal insider threat program best practices.
Provide recommendations for improving insider threat governance, training, data sources, telemetry visibility, and operational response capabilities.
Assist in the development of insider threat communication strategies, escalation procedures, and incident coordination processes.
Support Agile workflows and track operational tasks, action items, and improvements through Jira and ServiceNow platforms.

AOUSC - Insider Threat Analyst Lead in Washington, District of Columbia at cFocus Software Incorporated

Explore Related Opportunities

Job Description

Scan to Apply

Job Location

Frequently asked questions about this position

Similar Jobs In Washington, District of Columbia

Senior Red Team Cyber Operator

Senior Cyber Security Analyst (TS Clearance with SCI Eligibility)

Cyber Defense Analyst - Jr

Insider Threat Analyst

Cyber SOC Incident Detector (Night Shift) - TS/SCI with Polygraph

Apply NowYour application goes straight to the hiring team

More Jobs Like This

SAP S/4 HANA Business Systems Analyst

Systems Integrator / Business Analyst / Scrum Master - TS/SCI w/Polygraph

Nessus SME Team Lead

Director I, Cybersecurity Operations

Senior Cloud Security Architect