Sr. Insider Threat Analyst

Primary Responsibility

• Advanced Alert Triage & Analysis: Monitor, analyze, and enrich alerts from various security tools to identify anomalous user behavior indicative of data exfiltration, access abuse, or other insider misconduct.

• Escalation & Case Packaging: Perform deep-dive behavioral analysis to determine the severity, context, and potential intent behind anomalous activity. Compile high- fidelity data packages and escalate actionable cases to the formal investigations, Legal, or HR teams for final disposition.

• DLP Program Optimization: Act as a primary analytic stakeholder for our Data Loss Prevention (DLP) ecosystem. Provide feedback to engineering teams to tune policies, reduce false positives, and ensure robust coverage across the environment.

• Insider Fraud Detection: Analyze access logs and system activities to identify anomalies that may indicate occupational fraud, financial irregularities, or privilege abuse.

• Cross-Functional Handoff: Partner closely with Information Security, Employee Relations, and Legal teams to ensure a seamless, well-documented handover of triaged cases, ensuring all analysis is conducted ethically and complies with local regulations.

• Program Maturity & Automation: Proactively identify gaps in current detection and triage capabilities. Champion the use of AI, Machine Learning, and automation to streamline repetitive triage tasks and accelerate the team's time-to-decision.

• Mentorship: Provide technical guidance to junior analysts on the team, helping to build local capability in the growing field of insider risk analysis

Required Qualifications

• Experience: 4+ years of overall experience in Cybersecurity, Security Operations (SOC), Incident Response, IT Audit, or Data Protection.
• Insider Risk / DLP Exposure: At least 1-2 years of experience specifically analyzing alerts related to Data Loss Prevention (DLP), User Behavior Analytics (UEBA), or insider threat events. (Note: Candidates with strong general security analytics backgrounds demonstrating a clear aptitude for behavioral analysis will be strongly considered).
• Technical Acumen: Strong understanding of network architecture, operating systems (Windows, macOS), identity management, and cloud platforms, with the ability to quickly pivot through logs to build a timeline of user activity.
• Analytical Mindset: Exceptional critical thinking skills with the ability to look beyond a single alert to understand the broader context of user behavior.
• Discretion: High degree of integrity and the ability to handle highly sensitive, confidential employee data with strict discretion.