Remote Programming Jobs

Insider Threat Security Engineer

Citizens Bank

  • security
  • sql
  • java
  • python
  • splunk

Quick Facts

Citizens Bank
Pittsburgh, PA, US
Mid-Level, Senior
Remote & On-site

Job benefits

  • Generous PTO
  • Flexible Work Schedules
  • Learning and Development Resources & Educational Assistance
  • Comprehensive Health Benefits
  • Volunteer Events & Corporate Match Program
  • Parental Leave for All Parents, Including Adoptive
  • Onsite Café & Coffee Bar (some locations)
  • Gym & Classes (some locations)
  • 401k Matching & Employee Stock Purchase Program
  • Discounts on Bank Services, Including Student Loan Refinancing

Job description

As an Insider Threat Program Security Engineer working in the Data Protection and Insider Threat Program, you will be responsible for supporting, developing and enhancing the insider threat program.

In this role, you will engage with business units across the organization, providing essential metrics and documentation, and implementing tools and analytic methods to mitigate insider risks.

Primary responsibilities include:

  • Assess existing Insider Threat capabilities, identify gaps and develop technical and non-technical indicators

  • Conduct risk-based tests and trials to effectively mitigate insider risks

  • Partner with other groups within the organization to document processes, identify controls, determine control adequacy and identify control monitoring opportunities and areas for improvement/enhancement

  • Collect, analyze, and interpret qualitative and quantitative data from multiple sources to improve the ability to prevent, detect, and respond to insider risks

  • Monitor and analyze logs and alerts from a variety of different technologies, including IDS/IPS, firewall, proxies, and anti-virus across multiple platforms

  • Discern patterns of complex threat actor behavior, and communicate an understanding of current and developing Cyber threats to key stakeholders

Location is not a barrier for this role and while our preference would be to have a chosen candidate with onsite capabilities in one of our corporate headquarters – we are open to remote employment within the United States for an experienced candidate.


Required Skills/Experience:

  • 5 or more years of experience in information security. 

  • Understanding of information security concepts, best practices and regulations related to insider threat

  • Understanding of enterprise security and networking technology and how the technology relates to the prevention, detection, and response of insider threats

  • Advanced understanding of the Microsoft ®Office suite (e.g., Outlook, Word, Excel, PowerPoint, etc)

  • Excellent verbal and written communication skills

  • Ability to execute work independently and as a team member with good interpersonal skills – using tact, patience and courtesy.

  • Understanding of SQL and Databases

  • Working knowledge of Splunk

Preferred Skills/Experience:

  • Experience managing SQL Databases within an enterprise application

  • Experience with object oriented programming [Python, Java]

  • Experience in the Financial Services Industry

  • Experience performing security event and incident detection and handling in a large corporate environment, gathering and analysis of threat intelligence,  and computer network surveillance/monitoring

  • Experience configuring and using user and/or entity behavior analytics (UBA/UEBA) products

  • Advanced knowledge and experience using Splunk to execute complex search queries and generate reports

Education, Certifications and/or Other Professional Credentials:

  • Bachelor’s degree or greater in Information Security, Computer Science or a related field preferred 

  • Certifications: Associate of (ISC)^2, CISSP, or similar.

Hours and Work Schedule

Hours per Week:  40
Work Schedule:  Monday through Friday

Why Work for Us

At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.

Equal Employment Opportunity

It is the policy of Citizens Bank to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, citizenship, veteran or military status, marital or domestic partner status, or any other category protected by federal, state and/or local laws.

Equal Employment and Opportunity Employer/Disabled/Veteran

Citizens Bank is a brand name of Citizens Bank, N.A. and each of its respective subsidiaries.

Apply now