Staff Insider Threat Analyst

Coupang•Seattle, WA

51d•$138,000 - $297,000

About The Position

We exist to wow our customers. We know we're doing the right thing when we hear our customers say, "How did we ever live without Coupang?" Born out of an obsession to make shopping, eating, and living easier than ever, we're collectively disrupting the multi-billion-dollar e-commerce industry from the ground up. We are one of the fastest-growing e-commerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce. We are proud to have the best of both worlds - a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurs surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day. Our mission to build the future of commerce is real. We push the boundaries of what's possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world. Role Overview We are seeking a Staff Insider Threat Analyst to be a deep technical expert for our Insider Threat team. This role is for a seasoned analyst who thrives on autonomy and possesses a rare blend of deep technical expertise and a sharp investigative mindset. You will be responsible for the full lifecycle of technical analysis for insider threat cases, from triaging alerts to conducting complex, data-driven reviews. You will be the team's primary technical expert, performing in-depth analysis and reporting your findings to the Investigations team to support formal inquiries.

Requirements

Bachelors Degree in Computer Science or a related technical field or equivalent professional experience.
4 years of experience in information Security with at least 3+ years of direct, hands-on experience in insider threat analysis

Nice To Haves

6+ years of experience in information security, with at least 3+ years of direct, hands-on experience in insider threat analysis.
Demonstrated mastery of analyzing and correlating security events from:
UBA/Insider Threat platforms
EDR solutions
SIEM / Data Lakes
Expert-level experience in host-based analysis and deep review of endpoint, application, and network log artifacts.
Proven ability to work autonomously, manage complex, sensitive cases with minimal supervision, and present technical findings clearly to both technical and non-technical partners.
An investigative mindset: You are naturally curious, detail-oriented, skeptical, and objective, with a strong drive to find the root cause.
Scripting skills (Python, PowerShell, Bash) for automating analytical tasks and data analysis.
Experience in building or significantly maturing an insider threat program from the ground up.
Relevant industry certifications (GCIH, CISSP).
Proficiency in Korean language.
Familiarity with digital forensic toolsets and a high-level understanding of forensic principles.

Responsibilities

Proactive Behavioral Analysis: Proactively hunt for and analyze anomalous user behavior by correlating data from DLP logs, EDR logs, SIEM/SOR logs, and other data sources to identify risks before they escalate.
Manage the Insider Threat Analysis Lifecycle: Triage incoming alerts, manage the queue, and conduct deep-dive technical reviews of user activity, system artifacts, and application logs to build a comprehensive timeline of events.
Support Formal Investigations: Partner with and provide detailed, technical findings to the Investigations, Legal, and HR teams. Translate complex technical data into clear, objective reports that serve as the foundation for formal inquiries.
Act as a Subject Matter Expert: Serve as the team's technical SME for insider threat data sources, providing guidance and insights to other analysts.
Improve Detections: Continuously develop, tune, and refine insider threat detection logic, creating new playbooks and alerting criteria to mature the program.
Provide Strategic Insight: Go beyond just the "what" and "who" to report on the "why" and "how," providing actionable recommendations to leadership for strengthening security posture and controls.