Specialist, Cyber Operations Professional (Insider Threat Response

If you're passionate about innovation and love working in an environment where you can constantly improve and adopt new technologies to drive business results, then Nationwide's Information Technology team could be the place for you! At Nationwide®, "on your side" goes beyond just words. Our customers are at the center of everything we do and we're looking for associates who are passionate about delivering extraordinary care.

Position Overview

We are seeking a detail-oriented and technically proficient Insider Threat Response Analyst to join our cybersecurity team. This role is responsible for detecting, investigating, and responding to potential insider threats across enterprise environments. The ideal candidate will have strong scripting, data analysis, and incident response capabilities, along with a deep understanding of operating systems, cloud platforms, and forensic processes.

Key Responsibilities

Lead investigations into potential insider threats, including data exfiltration, sabotage, compliance violations and unauthorized access

Monitor and analyze user activity across endpoints, networks and cloud environments to detect anomalous behavior

Develop and execute scripts using Python or PowerShell to automate threat detection and data parsing

Perform database querying and analysis to identify unauthorized access or data exfiltration

Utilize SIEM solutions and write SPL and XQL queries to correlate events and generate actionable insights

Conduct analysis on Windows, Linux, and macOS systems to support investigations.

Investigate incidents involving insider threats, including digital evidence collection and preservation

Collaborate with incident response teams to ensure timely containment and remediation.

Analyze large datasets to identify patterns, trends, and potential indicators of compromise

Support the development and refinement of insider threat detection rules and use cases

Maintain awareness of emerging threats, vulnerabilities, and best practices in insider threat management Required Technical Skills

Proficiency in Python or PowerShell scripting

Experience with SQL or other database querying languages

Strong understanding of networking concepts and protocols

Familiarity with Windows, Linux, and macOS operating systems

Ability to analyze and interpret large datasets Preferred Technical Skills

Hands-on experience with SIEM platforms

Skilled in writing SPL and XQL queries

Exposure to cloud platforms (AWS, Azure, GCP) Process Knowledge

Solid understanding of incident response procedures

Experience in digital evidence collection and preservation

Knowledge of regulatory and compliance requirements related to data security and privacy Preferred Qualifications

Certifications such as GIAC GCFA, GCIH, CEH, EnCE, MCFE or similar

Experience with insider threat programs or behavioral analytics

Familiarity with MITRE ATT&CK framework This role does not qualify for employer-sponsored work authorization. Nationwide does not participate in the Stem OPT Extension program.

#LI-TN1

Job Description Summary

If you're enthusiastic about delivering secure technology solutions to support a company providing extraordinary care to its customers, then Nationwide Technology is the place for you. Nationwide's industry-leading technology workforce embraces an agile work environment and a collaborative culture to deliver outstanding solutions and results. If that sounds like something you aspire to, we want to hear from you!

As a Cyber Operations professional, you'll be on the front line, protecting Nationwide's members and data! You will be immersed with incident response, cyber strategy and guidance, defense optimization and scanning and exploitation. We'll count on you to provide enterprise services in forensic investigation, attack and penetration, vulnerability scanning and response, cyber defense, security intelligence, security operations and infrastructure risk management.

Job Description

Key Responsibilities:

Responds to cyber incidents using industry recognized methodology, e.g., PICERL (Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned).

Creates uplift of cyber security detection and alerts for ongoing prevention of threats.

Applies secure software and systems engineering practices throughout the delivery lifecycle to ensure our data and technology solutions are protected from threats and vulnerabilities.

Implements automation and orchestration for the enrichment and handling of cyber security events.

Supports vulnerability management via tools and processes and proactively identify vulnerabilities in the environment.

Assists in the planning and execution of team activities to enrich detection and prevention controls.

Participates in proactive cyber activity (purple teaming, threat hunting, red teaming, etc.) and expands awareness across all aspects of the MITRE ATT&CK framework.

Identifies critical log sources and system events used for creation and tuning of cyber security detections.

Maintains awareness of the cyber threat landscape to assist with the evaluation, enrichment and dissemination for action to protect Nationwide members and environment.

May perform other responsibilities as assigned.

Reporting Relationships: Reports to Manager, Risk Leader or above.

Typical Skills and Experiences:

Education: Undergraduate studies in cyber security, management information systems, engineering, math, computer science, data analytics or comparable experience and education strongly preferred. Graduate studies in cyber security, computer science or a related field are a plus.

License/Certification/Designation: Preferred certifications include: Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA), Certified Ethical Hacker (CEH), GIAC Certified Intrusion Handler (GCIH), Digital Forensics Investigation: EnCase Certified Examiner (EnCE) certification, GIAC Strategic Planning Policy and Leadership (GSTRT), GIAC Security Expert (GSE), Certified Cloud Security Professional (CCSP), AWS Certified Cloud Practitioner, AZ500.

Experience: At least three years of experience in technology. Experience in working with operating systems, networking, desktop support, application development, end point security, database management or information security. Successful candidates will have experience configuring and using Windows and Linux/Unix operating systems.

Knowledge, Abilities and Skills: Action oriented and ability to make decisions and recommendations. Aptitude to build partnerships, understand business processes, and set priorities. Solid communication skills. Insurance and/or financial services industry knowledge a plus.

Other criteria, including leadership skills, competencies and experiences may take precedence.

Staffing exceptions to the above must be approved by the hiring manager's leader and Human Resource Business Partner.

Values: Regularly and consistently demonstrates Nationwide Values.

Job Conditions:

Overtime Eligibility: Exempt (Not Eligible)

Working Conditions: Hybrid to normal office environment.

ADA: The above statements cover what are generally believed to be principal and essential functions of this job. Specific circumstances may allow or require some people assigned to the job to perform a somewhat different combination of duties.

Benefits

We have an array of benefits to fit your needs, including: medical/dental/vision, life insurance, short and long term disability coverage, paid time off with newly hired associates receiving a minimum of 18 days paid time off each full calendar year pro-rated quarterly based on hire date, nine paid holidays, 8 hours of Lifetime paid time off, 8 hours of Unity Day paid time off, 401(k) with company match, company-paid pension plan, business casual attire, and more. To learn more about the benefits we offer, click here.

Nationwide is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive culture where everyone feels challenged, appreciated, respected and engaged. Nationwide prohibits discrimination and harassment and affords equal employment opportunities to employees and applicants without regard to any characteristic (or classification) protected by applicable law.

Smoke-Free Iowa Statement: Nationwide Mutual Insurance Company, its affiliates and subsidiaries comply with the Iowa Smokefree Air Act. Smoking is prohibited in all enclosed areas on or around company premises as well as company issued vehicles. The company offers designated smoking areas in which smoking is permitted at each individual location. The Act prohibits retaliation for reporting complaints or violations. For more information on the Iowa Smokefree Air Act, individuals may contact the Smokefree Air Act Helpline at .

NOTE TO EMPLOYMENT AGENCIES:

We value the partnerships we have built with our preferred vendors. Nationwide does not accept unsolicited resumes from employment agencies. All resumes submitted by employment agencies directly to any Nationwide employee or hiring manager in any form without a signed Nationwide Client Services Agreement on file and search engagement for that position will be deemed unsolicited in nature. No fee will be paid in the event the candidate is subsequently hired as a result of the referral or through other means.