Insider Threat Analyst

Location: Phoenix, Arizona, United States; Orlando, Florida, United States; Southlake, Texas, United States
Requisition ID: 2025-113605
Category: Technology
Position Type: Regular

Your opportunity


We are seeking a highly experienced Insider Threat Analyst to build and mature a robust cybersecurity-related insider threat operations program. This role is critical to enhancing our organization’s ability to identify, assess, and mitigate insider risks, including data loss, intellectual property theft, and malicious activities.

As an Insider Threat Analyst, you will be responsible for driving tool tuning and configuration, program development, cross-functional collaboration, and the operationalization of insider threat detection and response capabilities.

This position is a unique opportunity to shape and enhance the maturity of our insider threat program by leveraging advanced analytics and incident response best practices.

The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days.

What you have


You are discreet, thoughtful, and seek to coordinate systemic, cross-functional solutions to mitigate risk. You are familiar with insider threat technologies, such as User and Entity Behavior Analytics (UEBA), Security Information and Event Management (SIEM), and Data Loss Prevention (DLP), and understand investigations and/or the intelligence cycle.

Key Responsibilities:

Program Development:

  • Design and mature a comprehensive insider threat program aligned with organizational goals and regulatory requirements.
  • Develop policies, processes, and workflows for detecting, investigating, and mitigating insider threats.
  • Define metrics and reporting frameworks to measure the effectiveness of the program.

Tool Configuration and Tuning:

  • Contribute to and provide guidance on the configuration and tuning of the UEBA tool.
  • Ensure seamless integration with existing security systems, such as SIEM and SOAR solutions.
  • Collaborate with vendors and IT teams to customize the tool for organization-specific use cases.

Threat Detection and Analysis:

  • Monitor user and entity behavior analytics to identify suspicious activities and policy violations.
  • Conduct in-depth investigations into insider threat incidents, working closely with cybersecurity, HR, and legal teams.
  • Refine detection capabilities by creating and optimizing rules, alerts, and risk scoring models.

Collaboration and Training:

  • Act as a subject matter expert on insider threat risks and tools.
  • Collaborate with analysts and cross-functional stakeholders on insider threat detection techniques and tool usage, providing guidance and support as needed.

Incident Response:

  • Support the investigation and resolution of insider threat incidents, ensuring thorough documentation and root-cause analysis.
  • Develop and execute response playbooks for various insider threat scenarios.

Required qualifications:

  • Bachelor’s degree in cybersecurity, information technology, or a related field; advanced degree preferred.
  • 10+ years of experience, with a focus on cybersecurity defense and insider threat analysis.
  • Strong understanding of UEBA tools and technology, digital forensics, and data loss prevention (DLP) strategies.
  • Proven expertise in deploying and managing insider threat tools, specifically tools such as DTEX InTERCEPT, Exabeam, and Code42.
  • Experience developing policies, procedures, and workflows for insider threat management.
  • Familiarity with SIEM platforms, data analytics tools, and insider threat indicators and detection methods.
  • Experience with scripting and automation (e.g., BigQuery, Python, PowerShell) is a plus.

Preferred qualifications:

  • Master’s degree in cybersecurity, information technology, or a related field; advanced degree preferred.
  • Relevant certifications such as CISSP, CISM, CISA, GIAC, or insider threat-specific credentials (e.g., Certified Insider Threat Program Manager).
  • Knowledge of legal and regulatory requirements surrounding insider threat and data protection (e.g., GDPR, CCPA).

Key Competencies:

  • Strong analytical and critical thinking skills.
  • Strategic mindset with the ability to design and operationalize new programs.
  • Detail-oriented, self-driven, and capable of working independently in a fast-paced environment.
  • Competent in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results, and analyzing findings to provide viable threat intelligence.

What’s in it for you

At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture and focus on your development mean you’ll get the tools you need to make a positive difference in the finance industry. Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive benefits package that takes care of the whole you – both today and in the future:

  • 401(k) with company match and Employee stock purchase plan
  • Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
  • Paid parental leave and family building benefits
  • Tuition reimbursement
  • Health, dental, and vision insurance

Why Schwab?

At Schwab, “Own Your Tomorrow” embodies everything we do! We are committed to helping our employees unleash their potential and achieve their dreams. Our employees get to play a central role in disrupting a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth. We’re a modern financial services firm that stands apart from the industry, where you can go as far as your ambition takes you.

The benefits of working at Schwab: a package designed to empower your health, wealth, career and life. Schwab is committed to building a diverse and inclusive workplace where everyone feels valued.

As an equal employment opportunity employer, our policy is to provide equal employment opportunities to all employees and applicants without regard to any status that is protected by law.

Schwab is also an affirmative action employer, focused on advancing women, minorities, veterans, and individuals with disabilities in the workplace. We believe diversity and inclusion are part of our success as a company and our purpose of serving every client with passion and integrity.
