Insider Threat Auditor

Required Security Clearance: Top Secret/SCI

City: Reston

State/Territory: Virginia

Travel: None

Potential for Teleworking: No

Schedule: Full Time DoD 8570 IAT Requirement: IAT II (Security+, CySA+, CCNA Security, GICSP, GSEC, SSCP) DoD 8570 IAM Requirement: None DoD 8570 IASAE Requirement: None DoD CSSP Requirement: CSSP Analyst (CySA+, CEH, CFR, GCIA, GCIH, GICSP, SCYBER)

The Security Monitoring Cyber Auditor is part of a Team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. This requires the ability to review event logs, follow checklists, knowledge of normal and malicious user attributable activity, and to prepare case evidence. Being able to gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information is highly desirable.

Functional Duties

  • Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations.
  • Identify acceptable use policy infractions.
  • Ability review event logs to determine events of interest
  • Perform forensic analysis of digital information and gathers and handles evidence.
  • Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII).
  • Prepare case evidence and incident reports.
  • Work on special projects as assigned.

Desired Skills: Experience with Splunk, Proofpoint, Fidelis, Solera, Windows and Linux Operating Systems

**The position and hours are based on a 24x7x365 shift schedule and monitoring requirement. This position is for a night position and requires working weekend nights.**

Must obtain CSSP Analyst level certification

Standard Characteristics

  • Identify and manage network and system vulnerabilities and security events
  • Receive, acknowledge, disseminate, track, report (daily/weekly, and update vulnerability management (VM) alerts, vulnerability assessments, red/blue team events, security incidents, and the VM common operating picture (VM COP)
  • Provide inspection services across the enterprise on behalf of the organization’s Special Enclave (SE) program manager
  • Support or perform global DoD inspections of GENSER and SE (e.g., JWICS) services to ensure compliance to DoDI 8530 standards

Skills and Tasks

  • Exceptionally Complex, Inter-Discipline, Inter-Organizational.
  • Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks.


  • May work individually or as a key member of a senior leadership team.
  • Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues.


  • Provides expert guidance and direction to Government and Vendor senior level technicians and managers.
  • Directs multiple contractor and subcontractor teams through to project completion.

Training and Certifications

  • DoD 8570 compliance or information assurance certification commensurate with technical objectives and services required within the task order.
  • Applicable software or hardware training and certifications commensurate with the technical objectives, services required, and IT environment specified within the task order.

Capabilities and additional Requirements

  • Apply Standard Characteristics of Labor Category Capability Levels.

Education and Experience

  • HS/GED + 12 years
  • Associates Degree + 10 years
  • Bachelor’s Degree + 8 years
  • Master’s Degree + 6 years
  • PhD + 4 years
Full time
Salary Range
$49,000.00 - 87,000.00
per Year
Salary range estimated by
Reston, VA 22090, US