Cyber Investigations Analyst
About The Position
We are looking for a Cyber Investigations Analyst to support insider threat detection, investigation, and response efforts. This role focuses on identifying and analyzing both technical and behavioral risks within an organization. The analyst will conduct end-to-end investigations, including triaging alerts, collecting and analyzing evidence, building timelines, and documenting findings in line with established standards. In addition to investigations, the role involves proactive threat hunting using SIEM tools and enterprise telemetry. The analyst will work closely with cross-functional teams to address insider risk scenarios such as data theft, fraud, sabotage, espionage, and accidental data exposure. Success in this role requires a strong understanding of SOC operations, networking fundamentals, and the ability to identify patterns of suspicious behavior. We partner with 15 of the top 20 banks globally, and our top 10 banking clients have worked with us for an average of 26 years!. This role is located at a client site in Reston, VA. A hybrid working model is acceptable. Your future duties and responsibilities: We are looking for a Cyber Investigations Analyst to support insider threat detection, investigation, and response efforts. This role focuses on identifying and analyzing both technical and behavioral risks within an organization. The analyst will conduct end-to-end investigations, including triaging alerts, collecting and analyzing evidence, building timelines, and documenting findings in line with established standards. In addition to investigations, the role involves proactive threat hunting using SIEM tools and enterprise telemetry. The analyst will work closely with cross-functional teams to address insider risk scenarios such as data theft, fraud, sabotage, espionage, and accidental data exposure. Success in this role requires a strong understanding of SOC operations, networking fundamentals, and the ability to identify patterns of suspicious behavior.
Requirements
- 3+ years of relevant experience in cybersecurity, SOC operations, or investigative roles
- Hands-on experience with SIEM platforms and log analysis
- Strong understanding of networking fundamentals (TCP/IP, DNS, HTTP/S)
- Familiarity with SOC operations and incident response workflows
- Ability to conduct structured, end-to-end investigations
- Experience with threat hunting and hypothesis-driven analysis
- Knowledge of insider threat scenarios (e.g., data exfiltration, fraud, sabotage)
- Strong analytical thinking and attention to detail
- Clear documentation and reporting skills
- Ability to collaborate across teams and communicate findings effectively
- Background in cybersecurity or digital investigations is highly beneficial
Nice To Haves
- Relevant certifications (e.g., Security+, CEH, GCIA, or similar) are a plus but not strictly required
Responsibilities
- Support insider threat detection, investigation, and response efforts
- Identifying and analyzing both technical and behavioral risks within an organization
- Conduct end-to-end investigations, including triaging alerts, collecting and analyzing evidence, building timelines, and documenting findings in line with established standards
- Proactive threat hunting using SIEM tools and enterprise telemetry
- Work closely with cross-functional teams to address insider risk scenarios such as data theft, fraud, sabotage, espionage, and accidental data exposure
Benefits
- Competitive compensation
- Comprehensive insurance options
- Matching contributions through the 401(k) plan and the share purchase plan
- Paid time off for vacation, holidays, and sick time
- Paid parental leave
- Learning opportunities and tuition assistance
- Wellness and Well-being programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
5,001-10,000 employees
