Cyber Defense Engineer - Insider Threat

NorthMark Strategies - Dallas, TX

About The Position

As a Cyber Defense Engineer – Insider Threat, you will play a critical role in advancing and scaling our enterprise Insider Threat Program across a rapidly growing, multi-entity environment. This is a highly technical engineering role focused on designing, implementing, and optimizing insider threat detection and prevention capabilities. In addition to core Insider Threat Engineering, you will integrate AI-driven security capabilities to enhance detection fidelity, automate analysis, and improve response effectiveness. You will lead efforts across Microsoft Purview Insider Risk Management, Data Loss Prevention (DLP), and behavioral analytics (UEBA) to protect sensitive data and mitigate internal risk. You will partner cross-functionally with Cyber Defense Operations, Legal, HR, Compliance, and business stakeholders to align security controls with organizational priorities while ensuring regulatory compliance and operational effectiveness.

Requirements

  • Minimum 4-6+ years of experience in cybersecurity engineering, insider threat, or SOC engineering.
  • Hands-on expertise with Microsoft Purview Insider Risk Management and DLP policy creation/tuning
  • Strong knowledge of sensitivity labels, auto-labeling, and classification strategies
  • Experience deploying and managing solutions across multiple Microsoft 365 tenants.
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent work experience)
  • Familiarity with threat hunting, MITRE ATT&CK framework, and incident response methodologies.
  • Excellent analytical, communication, and problem-solving skills.
  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Nice To Haves

  • Understanding of AI security risks, model governance, and adversarial threats is strongly preferred.

Responsibilities

  • Insider Threat Engineering & Detection: Architect, deploy, and optimize Microsoft Purview Insider Risk Management (IRM) to detect, triage, and respond to insider risks.
  • Develop and mature advanced detection use cases leveraging telemetry, behavioral analytics, UEBA, and AI/ML models to identify anomalous activity, privilege misuse, and data exfiltration risks.
  • Design and tune monitoring systems to track user behavior, data access patterns, and sensitive data movement.
  • Apply frameworks such as MITRE ATT&CK to enhance detection coverage and threat modeling.
  • Integrate AI-assisted detection pipelines to reduce false positives, improve signal-to-noise ratio, and enable adaptive risk scoring.
  • Data Loss Prevention & Data Protection: Engineer, deploy, and continuously refine enterprise DLP policies across endpoints, email, and Microsoft 365 (SharePoint, OneDrive, Teams).
  • Enhance and scale data classification strategies, including sensitivity labeling and auto-labeling.
  • Utilize AI-enhanced classification and content inspection to improve accuracy and coverage of sensitive data detection.
  • Ensure protection controls effectively prevent data exfiltration, misuse, and policy violations.
  • Multi-Tenant & Policy Architecture: Design consistent yet adaptable policies across multiple Microsoft 365 tenants.
  • Ensure alignment with regional, legal, and regulatory requirements.
  • Maintain policy standardization while accommodating business-specific needs.
  • Incorporate AI-driven policy tuning and adaptive controls to dynamically adjust to evolving risk patterns.

Benefits

  • Company-Paid Lunch Stipend: Lunch is provided via GrubHub
  • Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability
  • 401(k): Company will match 100% of your contributions up to 6%
  • Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more.
  • Time Off: 25 days of Paid Time Off plus 12 company holidays