Senior Analyst - Insider Threat (Remote)

About The Position

Requirements

• Bachelor's degree required (Cybersecurity, Information Technology, Computer Science majors preferred)
• 3+ years in STEM-related field
• Strong experience with insider threat detection methodologies, behavioral analytics, and risk indicators
• Proven ability to design, tune, and operationalize detection logic to improve alert quality and reduce noise
• Experience working with DLP, UEBA, or related telemetry to identify and investigate insider risk activity
• Analytical mindset with ability to translate investigation outcomes into detection improvements
• Understanding of data classification, data movement patterns, and exfiltration techniques
• Ability to measure and improve detection effectiveness (i.e., alert fidelity, actionable alert rate)
• Strong collaboration and communication skills to influence cross-functional stakeholders
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

Nice To Haves

• Master's degree
• Certifications such as CISA, Security +
• Hands-on experience with DLP platforms, insider risk tools, or detection engineering workflows
• Experience using Splunk for Insider Threat
• Familiarity with M365 / Purview, endpoint telemetry, or cloud activity monitoring
• Experience building metrics or KPIs to track detection performance and program maturity
• Knowledge of automation or scripting to support detection tuning and scaling

Responsibilities

• Design, build, and continuously refine insider threat detection logic, use cases, and analytics to improve signal quality.
• Focus on reducing false positives and increasing the percentage of actionable insider threat alerts.
• Lead triage and investigation of insider threat alerts, applying structured methodologies to assess risk.
• Translate investigation outcomes into detection improvements, ensuring a continuous feedback loop between operations and engineering.
• Develop and implement a scalable detection strategy aligned to key insider threat risks (i.e., data exfiltration, employee exit risk, misuse).
• Identify gaps and prioritize new detection use cases to expand coverage and effectiveness.
• Conduct proactive threat hunting using behavioral, endpoint, and data activity signals to identify emerging insider risks.
• Translate findings into new detection use cases and improvements to existing detection logic.
• Partner with Data Protection, Legal, HR, and Cyber teams to ensure detections are risk-aligned, context-aware, and operationally actionable.
• Incorporate business context and investigation requirements into detection design to improve alert fidelity and response effectiveness.

Benefits

• medical
• dental
• vision
• life
• accident & disability
• parental leave
• employee assistance program
• commuter
• paid holidays
• paid time off
• 401(k)
• flight privileges