Insider Risk Analyst

Starr InsuranceNew York, NY

About The Position

The Insider Risk Analyst is responsible for identifying, analyzing, and mitigating potential insider risks to the organization. This role involves monitoring and assessing data to detect suspicious activities, policy violations, and vulnerabilities that could compromise the confidentiality, integrity, and availability of the company's information assets. The Insider Risk Analyst will work closely with various departments, including IT, HR, and others in Legal, to ensure a comprehensive approach to insider risks and data management.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • Minimum of 1-2 years of experience in cybersecurity preferred.
  • Proficiency with cybersecurity tools and technologies, including SIEM, UEBA, EDR, UAM, and Microsoft Purview and Microsoft Defender are preferred.
  • Strong analytical and problem-solving skills with the ability to triage alerts, correlate multiple data sources, and identify trends and patterns.
  • Excellent verbal and written communication skills, with the ability to document investigations clearly and convey technical information to non-technical stakeholders.
  • Ability to work both independently and collaboratively in a fast-paced environment.
  • Experience in conducting confidential investigations and handling digital evidence.
  • Experience with operating system, cloud access, and web proxy event logs is preferred.
  • Knowledge of cybersecurity and privacy laws and regulations.

Nice To Haves

  • Advanced degree preferred.
  • Relevant certifications such as CISSP, CISM, CIPP, or CERT Insider Threat Program Manager are highly desirable.
  • Experience and skills in other areas of compliance will be considered.

Responsibilities

  • Conduct thorough analysis of data to identify potential insider risks and vulnerabilities.
  • Monitor user and entity behavior analytics (UEBA) and related telemetry to detect anomalous behavior and suspicious activity.
  • Utilize security information and event management (SIEM) tools to analyze logs and alerts.
  • Support DLP policy tuning, alert review, and compliance monitoring to reduce unauthorized data exfiltration.
  • Support the guidance on the deployment and tuning of user activity monitoring (UAM) signatures to detect policy violations.
  • Collaborate with cross-functional teams to triage, investigate and respond to insider risk incidents.
  • Provide detailed assessments and reports on identified threats, vulnerabilities, and policy violations.
  • Recommend risk-based mitigation strategies and control improvements to strengthen the organization's security posture.
  • Stay updated on the latest trends, tactics, and developments in insider risk detection and prevention.
  • Conduct training and awareness programs for employees to promote a culture of integrity, security and compliance.

Benefits

  • first class training and development opportunities
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service