Independently conduct end-to-end insider risk investigations while working closely with Legal, Human Resources, Cybersecurity Operations, and other cross-functional teams.
Use monitoring and detection platforms to investigate anomalous activity for potential insider risk.
Conduct interviews with potential insiders.
Serve as the subject matter expert for insider risk and provide training to team members as needed.
Leverage AI tools to accelerate investigation workflows and data analysis.
Prepare investigation metrics, reports, and briefings.
Develop and maintain playbooks, standard operating procedures, and guideline documentation.
Support education and awareness programs to foster a strong security culture.
Requirements
High School diploma/GED and seven years of Information, Clinical or Financial Systems experience required, including directing, planning and scheduling a major information system project, with three years of Cyber Security experience,
OR Bachelor’s Degree and five years of Information, Clinical or Financial Systems experience required, including directing, planning and scheduling a major information system project, with three years of Cyber Security experience.
Demonstrated ability to communicate technical concepts to non-technical stakeholders.
Experience leveraging DLP, UEBA, SIEM, EDR/XDR and SOAR platforms for complex investigations.
Familiarity with MITRE ATT&CK, NIST, HIPAA, GDPR, and ISO 27001.
Hands-on scripting experience (Python, PowerShell, KQL, etc.) to collect artifacts, enrich detections and automate investigation workflows.
For Information Technology Division caregivers, ITIL Foundations certification is required within 6 months of position start date.