Sr. Investigator, Cyber Security

About The Position

Requirements

• Experience in incident response, security operations, cyber investigations, threat intelligence, insider-risk investigations, or sensitive security matters with a focus on APT groups.
• Hands-on familiarity with SIEM, SOAR, EDR, DLP, case management, identity, endpoint, cloud, and threat intelligence platforms
• Experience briefing technical and non-technical stakeholders, including Cyber Security leadership, Legal, HR, Compliance, and executive audiences
• Background in operations security, information security, personnel security, physical security, intelligence, compliance, or security program management
• Strong written documentation, evidence handling, judgment, discretion, collaboration, and time-management skills

Nice To Haves

• bilingual communication
• cleared-environment experience

Responsibilities

• Lead and support investigations involving cyber incidents, insider-risk alerts, data misuse, policy violations, unauthorized disclosure, suspicious user activity, and other sensitive security matters
• Triage alerts, scope activity, identify affected users, systems, data, and business processes, and determine investigation priority based on risk and impact
• Prepare clear investigation summaries, findings, recommendations, and executive-ready updates for Cyber Security leadership, Legal, HR, Compliance, and business stakeholders
• Apply incident response methodology to assess suspicious activity, determine root cause, validate impact, and support containment or remediation actions
• Correlate endpoint, network, identity, cloud, email, and user-behavior evidence to distinguish benign activity from policy violations, compromise, or intentional misuse
• Use threat intelligence and investigative tooling to enrich cases, validate indicators, improve detections, and support proactive risk reduction
• Identify and assess insider-risk indicators across DLP, UEBA, identity, endpoint, cloud, collaboration, and security monitoring platforms
• Investigate potential data exfiltration, unauthorized access, abnormal file movement, misuse of sensitive information, and risky behavior by employees, contractors, or privileged users
• Monitor high-risk scenarios including employee departures, role changes, privileged access, high-risk travel, sensitive projects, and repeat policy violations
• Maintain complete case documentation from intake through closure, including timeline, evidence sources, investigative actions, findings, risk assessment, and mitigation decisions
• Preserve evidence integrity and maintain chain of custody where required for cyber, employee, legal, or compliance-sensitive matters
• Ensure cases are handled confidentially, consistently, and in alignment with company policy, privacy expectations, legal guidance, and HR direction
• Serve as a trusted investigation partner to Cyber Security, Legal, HR, Compliance, IT, business leadership, and other stakeholders involved in sensitive cases
• Coordinate escalation, containment, access changes, monitoring, employee action, clean-device workflows, post-travel review, or other mitigation steps with the appropriate owners
• Translate technical findings into clear business risk language for non-technical stakeholders while preserving investigative accuracy

Benefits

• health insurance
• retirement plans
• paid time off