Insider Threat Analyst
Arlington, Minnesota, United States of America
Full Time
2 weeks ago
$89,000 - $112,000 USD
Visa Sponsor
Key skills
Cyber SecurityAnalyticsEntra IDLeadershipRisk Management
About this role
Role Overview
- Review, triage, and prioritize alerting from DTEX, Microsoft Purview, and other monitoring platforms
- Develop, tune, and optimize insider threat detection use cases across UEBA, DLP, SIEM, and endpoint monitoring platforms
- Monitor and analyze DTEX telemetry to identify high-risk user behaviors and potential data exfiltration activities
- Leverage Microsoft Purview for data loss prevention, information protection, and insider risk management capabilities
- Utilize Microsoft Entra ID for identity analytics, access reviews, and monitoring privileged account activity
- Conduct behavioral analysis to identify anomalous patterns indicative of data exfiltration, fraud, sabotage, or policy violations
- Perform proactive threat hunting to discover previously undetected insider risks and develop corresponding detection mechanisms
- Analyze technical indicators alongside contextual information such as HR events, travel data, and organizational changes to assess risk holistically
- Conduct investigations of insider threat incidents, from initial triage through remediation
- Coordinate with Legal, HR, and external law enforcement as required during sensitive investigations
- Prepare detailed investigation reports and briefings for leadership
- Create, maintain, and update insider threat playbooks and response procedures to ensure consistent and effective incident handling
- Contribute to insider threat program strategy and maturity roadmap
- Develop and maintain insider threat metrics, KPIs, and dashboards to measure program effectiveness
- Manage and deliver insider threat awareness training for employees, managers, and security teams
- Stay current on insider threat trends, TTPs, and emerging technologies; recommend program enhancements accordingly
Requirements
- Bachelor's degree minimum
- Minimum 5+ years of experience in insider threat analysis or a related cybersecurity discipline
- Minimum 5+ years’ experience with DTEX or similar insider threat monitoring platforms
- Due to Contractual requirements, must be a U.S. Person defined as, U.S. citizen permanent resident or green card holder, workers granted asylum or refugee status
- Due to national security requirements imposed by the U.S. Government, candidates for this position must not be a People's Republic of China national or Russian national unless the candidate is also a U.S. citizen.
Tech Stack
- Cyber Security
Benefits
- A competitive salary and innovative, game-changing work
- Flexible work schedule
- Employer subsidized health, dental, and vision insurance
- 401(k) match for student loan repayment benefit
- Equity, 401k retirement savings plan + 12 Paid holidays and generous vacation + sick time
- Paid parental leave
- Employee discounts