Insider Threat Senior Engineer

Job Description

Insider Threat Senior Engineer

We're EA-the world's largest video game publisher. You're probably familiar with many of our titles-Star Wars Squadrons, Jedi Fallen Order, Dragon Age, Madden, FIFA, The Sims, Need for Speed, Dead Space and Star Wars Battlefront, to name a few. But maybe you don't know how we're committed to creating games for every platform-from social to mobile to console-to give our consumers that anytime, anywhere access they demand. What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.

Summary

The Insider Threat Engineer is a senior technical security position that plays a pivotal role in security risk management across EA. The role has 2 key aspects:

(a) Working with partners in EA Security and Games Studios to improve strategic capabilities and processes to prevent, detect and investigate insider and associated exfil/leaks.

(b) Coordinating and leading all insider and major leak investigations across EA to closure. Pull in wider incident response and threat intelligence teams as required.

During insider and major leak incidents the incumbent is required to coordinate with partners such as IR Operations, Legal, Games labels, EA Digital platform and other appropriate business units to gather incident details, assess impact, and coordinate response across EA.

It is important that the incumbent is a strong communicator and must ensure that all communications and interactions with Security leadership and business stakeholders are clear and consistent.

Primary Responsibilities
• Create an insider and leak investigation strategy. Socialize and work with partner teams including EA Security teams, IP Leak Enforcement, legal and games studios to implement required people, process and tech components of the strategy.
• Partner with Detections and SOC teams to implement a framework of insider/leak related detections.
• Partner with threat intelligence, Communications, and Studio to develop a risk based approach for leak related investigations including known actors and a matrix for data severity.
• Partner with Engineering, IT and Games Studios on data source and logging requirements for insider threat investigations and strategy.
• Assemble and partner with technical teams, stakeholders, legal team and third-party vendors to resolve insider/major leak investigations as efficiently as possible. You will be responsible for leading all related meetings and calls. This duty can be delegated to other staff helping but performance must be supervised.
• Consistently communicate the status of response, resolution and final root cause analysis of insider and leaks to EA Security leadership and appropriate stakeholders.
• Ensure that all incidents are recorded and tracked to meet audit and legal requirements where necessary.
• Work with [Audit / Legal] to update existing or develop new policies related to information protection.

Skills, Knowledge, and Abilities
• Must have a minimum of 8 years' hands on experience in insider threat and leak investigations.
• Must have thorough knowledge of information security components, principles, practices, and procedures and application of them during a security incident.
• Must have a holistic understanding of insider and leak vectors, current security threats, and remediation strategies.
• Experience with host and network based forensics analysis and associated practices, procedures and evidence handling.
• Experience in leading meetings, dividing responsibilities, and influencing people to take action to assist in the resolution of insider/leak investigations.
• Must have thorough knowledge of General IT architecture infrastructure, web application, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development.
• Ability to understand legal and regulatory requirements and business drivers, and to integrate these into the overall Insider and Leak Strategy.
• Excellent analytical, organizational, verbal and written communication skills.

Additional Requirements
• Must be willing to travel to other EA locations as necessary to support security incidents.
• The incumbent must effectively interact between the various internal departments and executives to accomplish effective security incident response.
• Effectively perform work at varying levels to include executive/strategic and detailed/analytical.

Jobcode: Reference SBJ-rbek5x-18-224-44-108-42 in your application.