Senior Internal Intelligence Advisor, Insider Threat Program

Northern Trust
  • Location
    Chicago, Illinois
  • Sector
  • Experience
    Mid Career
  • Posted
    Feb 11

Position description

Northern Trust is seeking motivated candidates to join our insider threat team. Our mission oriented team is responsible for protecting the confidentiality, integrity, and availability of Northern Trust people, technology, information, facilities, and reputation from malicious or unintentionally negative actions by Northern Trust partners, contractors, vendors, and trusted business partners.


Northern Trust has an immediate opening on the team for a motivated Sr. Internal Intelligence Advisor who is up to date with the latest insider threat tactics, techniques, and procedures. This is a challenging yet rewarding position that provides an opportunity to leverage cutting edge technologies in pursuit of a vital mission that protects people, sensitive information/technologies, and the security posture of Northern Trust.


The work will be performed in the newly created Insider Threat Center, Chicago, Illinois This role must be able to prioritize work efforts - balancing operational tasks with longer-term strategic insider threat efforts.


Key Responsibilities


• Triage data of anomalous events collected by User Activity Monitoring (UAM) Tools, and other data analytics tools, SIEM technologies, and sources to decipher underlying trends or uncover anomalies and discern obscure patterns and attributes of potential insider threat activity 

  • Elevate indicators, and events of concern, document issues on computer misuse, various violations of policies, counterintelligence concerns, foreign influence, financial stressors, threats to self or others, continuous evaluations and enhanced monitoring, and other insider threat concerns

• Provide analytic case support to investigations, administrative or security inquiries, counterintelligence risk assessments, or other business unit relative assessments

• Complete special analytical projects as directed by leadership. Prepare and present analysis, in the form of briefings and/or reports, to leadership

• Assist in the proactive identification of new collection methodologies for the Insider Threat Program Additional responsibilities will include:

• Collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purpose of documenting investigations, analyzing findings and provide insider threat metrics

• Experience with insider threat hunting, monitoring, investigations, techniques and technologies

• Working knowledge of interpreting and applying NIST, CERT, and NITTF standards in all program/system development life-cycle phases

• Create TTPs for identifying insider threats and briefing team members and leadership on emerging threats

• Leverage social media and other open source intelligence resources 

• Collaborate with Insider Threat Team partners, data analytics team, and NTC3 to develop innovative Insider Threat capabilities to further enhance our proactive and reactive analytical process


• 7 years or more experience in Intelligence analysis, counterintelligence, law enforcement, investigative background

• Applicable degree(s) : Computer Science, International Affairs, Intelligence, International Relations, Business, National Security/Terrorism Studies, Political Science or Psychology

• Demonstrated relevant experience/expertise in supporting the US Government (USG or USIC) is highly desired 

  • Previous experience with insider threat, threat data management, data analytics, operations research, counterintelligence, security, cybersecurity, forensic accounting, and fraud examining

• Ability to function in a team environment or single capacity, a self-starter, with little supervision Preferred but not required certifications:

• Insider Threat Program Manager Certification (ITPM)

• Insider Threat Vulnerability Assessor Certification (ITVA)

• Certified Counterintelligence Threat Analyst Certification (CCTA)

Application instructions

Please be sure to indicate that you saw this position on

follow us on Twitter