Insider Threat Analyst

About The Position

Requirements

• Bachelor's degree (or equivalent experience) in Psychology, Criminal Justice, Security Management, Intelligence Studies, Cybersecurity, or a related field.
• 3 - 5 years of experience in security, HR, investigations, intelligence, or related roles, preferably with exposure to insider threat or personnel security programs.
• Familiarity with the 13 adjudicative guidelines and basic behavioral analysis concepts.
• Ability to follow structured investigative processes and document work clearly and objectively.
• Strong interpersonal and communication skills for working with HR, Physical Security, Cybersecurity, and other internal stakeholders.
• Basic understanding of security protocols and tools, with an emphasis on non-technical risk assessment and privacy considerations.
• Ability to obtain a TS/SCI clearance
• Ability to work in a SCIF environment and handle sensitive information with discretion and integrity.

Nice To Haves

• Active TS/SCI clearance.
• Prior experience in a defense, IC, or cleared contractor environment.
• Exposure to CMMC, NISPOM (32 CFR Part 117), SEAD 3/4, or similar USG policy frameworks.
• Experience using case management systems, UEBA and SIEM tools, HRIS platforms, or similar systems in an investigative or analytic context.
• Participation in or support of insider threat, personnel security, or workplace investigations programs.
• Experience contributing to training, awareness campaigns, or policy/process documentation.

Responsibilities

• Detection & Response Monitor employee and user activity across approved tools (e.g., access logs, case management systems, incident tickets) to identify potential insider risks or policy violations.
• Triage alerts and escalations from insider threat detections, HR referrals, and physical security incidents, escalating to senior analysts when warranted.
• Support containment and remediation activities during insider threat incidents by following established playbooks and direction from senior analysts or the Insider Threat Program lead.
• Investigation & Behavioral Analysis Identify, collect, and analyze data from multiple sources (HR/People data, security tools, access and badge logs, incident reports, and open-source/internal information) to validate suspicious behaviors and develop an initial risk picture.
• Incorporate the 13 adjudicative guidelines and relevant USG standards into basic behavioral assessments, focusing on indicators such as financial distress, foreign influence, substance misuse, or unexplained changes in behavior.
• Ensure investigation details, evidence, and analytic findings are accurately documented in the case management system, including timelines, rationale for decisions, and recommended next steps.
• Contribute to metrics development by ensuring cases, indicators, and outcomes are recorded consistently for program reporting.
• Collaboration & Stakeholder Engagement Collaborate with Physical Security to review facility access controls, assess anomalous badge activity, and respond to in-person security incidents involving personnel.
• Partner with HR/People on pre-employment checks, continuous evaluation inputs, and employee support or counseling processes related to behavior-based concerns.
• Coordinate with Cybersecurity, Legal/Compliance, and other internal teams to ensure investigations are handled lawfully, consistently, and in line with corporate policies and regulatory requirements.
• Participate in cross-functional meetings to discuss personnel-related risks and contribute to appropriate mitigation strategies (e.g., access restrictions, monitoring enhancements, referrals to HR).
• Process, Playbooks & Continuous Improvement Follow established insider threat playbooks and standard operating procedures for triage, investigation, and escalation.
• Provide feedback on playbooks, runbooks, and standard templates to help improve clarity, consistency, and analyst usability.
• Assist in maintaining and updating documentation for tools, workflows, and data sources used in insider threat investigations.
• Support the development, testing, and tuning of detections by providing case-driven feedback to senior analysts, security engineers, or product owners.
• Training, Awareness & Reporting Assist in delivering security awareness sessions and briefings focused on behavioral indicators, reporting obligations (e.g., SEAD requirements), and insider threat best practices.
• Support the preparation of routine reports on trends, case statistics, and compliance metrics for internal leadership and, where applicable, USG submissions.
• Help maintain accurate records of insider threat assessments, decisions, and follow-up actions in accordance with NISPOM and internal data retention requirements.

Benefits

• Medical Insurance: Comprehensive health insurance plans covering a range of services
• Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care
• Saronic pays 100% of the premium for employees and 80% for dependents
• Time Off: Generous PTO and Holidays
• Parental Leave: Paid maternity and paternity leave to support new parents
• Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses
• Retirement Plan: 401(k) plan
• Stock Options: Equity options to give employees a stake in the company’s success
• Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage
• Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office