| Company | Con Edison |
|---|---|
| Location | New York City, NY |
| Preferred GIAC Certifications | GCIH, GCIA, GCFE, GREM |
| Travel | 10% |
| Salary | Not provided |
| URL | https://ejcu.fa.us6.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1033/job/7552?keyword=Senior+Specialist+-+Insider+Threat&mode=location |
| Contact Name | Anonymous |
| Contact Email | donotemail/at/sans.edu |
| Expires | 2026-05-24 |
Job Description
Mission Statement:
Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.
Benefits:
We are dedicated to supporting the physical, mental, and financial health of our employees and their families. This commitment extends beyond the workplace to foster personal growth and holistic wellbeing. Our life-changing rewards package includes:
Rich medical & pharmacy benefits, including vision benefits
Dental benefits
Health Savings Accounts
Health Care and Dependent Care Flexible Spending Accounts
401(k) with robust matching
Employer paid Pension Plan
Employee Stock Purchase Plan with a generous matching contribution
State of the art Employee Assistance Program
Paid Parental Leave
Generous paid time off plus paid holidays
Family support: emergency backup child, & elder care assistance
Social responsibility and volunteer opportunities
Employee discount program
Commuter Benefits
Culture of growth and learning: career development; tuition reimbursement; recognition program
Life and Long-Term Disability Benefits
*Please be aware that some benefits may not apply to provisional or part-time job titles.
Job Description
Come join us at Con Edison as a Senior Specialist Insider Threat Team! We are seeking a highly skilled and motivated investigator to join our growing Digital Security Investigations team. In this role, you will lead Insider Threat digital investigations with a strong emphasis on OT environments, while supporting IT-related cases as needed. You will conduct complex digital forensic investigations, manage enterprise-wide evidence collection, collaborate with a high performing team, and present impactful findings to senior leadership to drive strategic security decisions.
Responsibilities
Core Responsibilities
Lead complex insider threat digital investigations, with primary focus on OT/ICS environments and support for IT investigations as required.
Conduct enterprise-wide forensic evidence collection across IT and OT systems, ensuring accurate, secure, and defensible acquisition with proper chain of custody.
Analyze digital artifacts to identify insider threat behaviors, attack vectors, indicators of compromise, timelines, and root causes.
Prepare and deliver clear, concise investigative reports and strategic recommendations to technical teams and executive leadership.
Serve as a technical subject matter expert (SME) and provide evidence to insider threat investigators and cross functional partners.
Collaborate with cybersecurity teams (CSOC, Red Team, Engineering, Vulnerability Management) and OT operations teams to enhance detection, response, and mitigation of insider risk.
Perform advanced forensic analysis, including malware reverse engineering and network traffic analysis using commercial and opensource tools.
Research emerging insider threat trends and contribute to the development of alerting, detection logic, and investigative methodologies.
Maintain and enhance digital investigation lab capabilities, support protective intelligence efforts as needed, and participate in oncall and emergency response activities.
Qualifications
Required Education/Experience
Bachelor's Degree and four years of experience in Digital Forensics Investigations, Insider Threat Response, or other related DFIR experience. or
Master's Degree and two years of experience in Digital Forensics Investigations, Insider Threat Response, or other related DFIR experience.
Preferred Education/Experience
Master's Degree and two years of experience in Digital Forensics Investigations, Insider Threat Response, or other related DFIR experience.
Relevant Work Experience
Demonstrated experience conducting digital forensic investigations using commercial and opensource tools is required. Required
Strong understanding of insiderthreat policies, investigative procedures, and evidence handling, including strict chainofcustody practices is required. Required
Proven ability to analyze digital evidence, develop investigation timelines, perform rootcause analysis, and draw defensible conclusions is required. Required
Experience producing clear, wellstructured reports and briefings for both technical teams and executive leadership is required. Required
Knowledge of evolving insiderthreat trends, tactics, and threat behaviors is required. Required
Understanding of OT/ICS systems, protocols, and architectures is preferred. Preferred
Physical security investigative experience is preferred. Preferred
Skills and Abilities
Demonstrated ability to maintain confidential information
Strong verbal communication and listening skills
Demonstrated analytical skills
Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.
Licenses and Certifications
Other: Required
Accredited Asset Management Specialist (AAMS) Relevant DFIR Certifications; GCIH, GCIA, GCFE, EnCE, GREM, CFCE or similar. Preferred
Physical Demands
Ability to push, pull, and lift up to 25 pounds
Ability to push, pull, and lift up to 40 pounds
Sit or stand to answer a phone for the duration of the workday
Sit or stand to use a keyboard, mouse, and computer for the duration of the workday
Possess manual dexterity and the ability to use hands for the duration of the workday
Ability to stoop, bend, reach, and kneel throughout the workday
Stand to use/operate office equipment for the duration of the workday
Ability to read small print and symbols
Work rotating shifts, including nights, midnights, weekends and holidays
Additional Physical Demands
The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
