Northern Trust is seeking a skilled Insider Threat Hunt Analyst to join our Security Operations team. In this role you will proactively detect insider threats and attack techniques that may be present within the bank’s environment. The Insider Threat Hunt Analyst will collaborate with Threat Intelligence, Cyber Threat Hunting and Insider Risk teams to identify opportunities to build and respond to insider tactics and techniques. This role will also develop new and innovative insider hunt hypotheses and create and deploy detection rules to mature our threat detection capabilities.

Key Responsibilities:
- Conduct proactive threat hunts focused on potential insider threats using endpoint, network and cloud log data.
- Develop and refine insider threat detection use cases.
- Create and deploy insider-focused threat detection rules.
- Recommend improvements to insider monitoring, alerting and automation.
- Collaborate with cross-functional teams on insider risk scenarios.
- Stay informed on the latest insider threat trends, tactics and techniques.

Skills / Qualifications:
- 5+ years of experience in cybersecurity, preferably in Insider Threat, Digital Forensics, Threat Hunting, or Incident Response.
- Proficiency in writing and tuning detection logic in SIEM platforms (e.g., Splunk, Sentinel, Elastic).
- Strong understanding of cybersecurity principles, including SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions.
- Strong technical background in log analysis, data correlation, and behavioral analytics.
- Working knowledge of the MITRE ATT&CK framework.
- Excellent problem-solving skills and attention to detail.

Preferred, but Not Required, Skills / Qualifications:
- Bachelor's degree in Computer Science, Information Security, or related field.
- Security+, EnCE, GSEC, GCIH, CGFA, or other cybersecurity-related certifications.

Job Title
Lead - Insider Threat Hunter