RCEPost-Lead,InsiderThreatHunter

**_About Northern Trust:_** Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. Northern Trust is seeking a skilled Insider Threat Hunt Analyst to join our Security Operations team. In this role you will proactively detect insider threats and attack techniques that may be present within the bank’s environment. The Insider Threat Hunt Analyst will collaborate with Threat Intelligence, Cyber Threat Hunting and Insider Risk teams to identify opportunities to build and respond to insider tactics and techniques. This role will also develop new and innovative Insider hunt hypotheses and create and deploy detection rules to mature our threat detection capabilities. Key Responsibilities: * Conduct proactive threat hunts focused on potential insider threats using endpoint, network and cloud log data. * Develop and refine insider threat detection use cases. * Create and deploy insider focused threat detection rules. * Recommend improvements to insider monitoring, alerting and automation. * Collaborate with cross-functional teams on insider risk scenarios. * Stay informed on the latest insider threat trends, tactics and techniques. Skills / Qualifications: * 5+ years of experience in cybersecurity, preferably in Insider Threat, Digital Forensics, Threat hunting, or incident response * Proficiency in writing and tuning detection logic in [SIEM](https://isecjobs.com/insights/siem-explained/) platforms (e.g., Splunk, Sentinel, Elastic). * Strong understanding of cybersecurity principle