Citizens Bank Insider Threat Program Specialist in Pittsburgh, Pennsylvania


The Insider Threat Program Specialist is responsible for supporting, developing and enhancing the insider threat program within our Corporate Security division. The colleague will engage with Business Units across the organization, providing essential metrics and documentation along with implementing tools and analytic methods to mitigate insider risks.

Primary responsibilities will include:

  • Assessing existing Insider Threat capabilities, identifying gaps and developing technical and non-technical indicators

  • Conducting risk-based tests and trials to effectively mitigate insider risks

  • Partnering with other groups within the organization to document processes, identify controls, determine control adequacy and identify control monitoring opportunities and areas for improvements and enhancements

  • Collecting, analyzing and interpreting qualitative and quantitative data from multiple sources to improve the ability to prevent, detect and respond to insider risks

  • Monitoring and analyzing logs and alerts from a variety of different technologies including IDS/IPS, firewall, proxies and anti-virus across multiple platforms

  • Discerning patterns of complex threat actor behaviorand communicating an understanding of current and developing Cyber threats to key stakeholders


Experience and Skills:

  • 3 or more years of experience as an insider threat or information security analyst.

  • Understanding of information security concepts, best practices, and regulations related to insider threat

  • Understanding of enterprise security and networking technology and how the technology relates to the prevention, detection, and response of insider threats

  • Advanced understanding of the Microsoft ®Office suite (e.g., Outlook, Word, Excel, PowerPoint, etc)

  • Excellent verbal and written communication skills

Preferred Experience and Skills:

  • Experience with object oriented programming [Python, Java]

  • Knowledge of machine learning and its applications in information security

  • Experience in the Financial Services Industry

  • Experience with user behavior analytics and security incident and event management (SIEM) tools

  • Experience performing security event and incident detection and handling in a large corporate environment, gathering and analysis of threat intelligence, and computer network surveillance/monitoring

  • Experience configuring and using user and/or entity behavior analytics (UBA/UEBA) products

  • Advanced knowledge and experience using Splunk to execute complex search queries and generate reports

  • Knowledge of Q-Radar for user behavior analytics

Education and Certifications:

  • Bachelor’s degree in Information Security, Computer Science or a related field

  • Certifications: Associate of (ISC)^2, CISSP, or similar.

Hours & Work Schedule

Hours per Week: 40

Work Schedule: Monday through Friday

Why Work with Us

At Citizens, you’ll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.

Equal Employment and Opportunity Employer/Disabled/Veteran

It is the policy of Citizens Bank and Citizens Securities, Inc. to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, citizenship, veteran or military status, marital or domestic partner status, or any other category protected by federal, state and/or local laws.

Equal Opportunity & Affirmative Action Employer Disabled/Veteran

Citizens Bank is a brand name of Citizens Bank, N.A. and each of its respective subsidiaries, and Citizens Bank of Pennsylvania.