Insider Threat Analyst

Charles Schwab

Location:
United States, Orlando, FL

Contract Type:
Not provided

Salary:

98000.00 - 106000.00 USD / Year

Job Description:

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together. We are expanding our Insider Threat Operations Team. This role supports and analyzes threat detection for the Cybersecurity Defense Insider Threat program. This resource will work with a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology. This resource will also utilize understanding of Insider Threat principles to identify trends and patterns which can assist in the development of new detection rules and models. The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 4 or more days per week and the flexibility to work outside the office location for the other day.

Job Responsibility:

  • Support and analyze threat detection for the Cybersecurity Defense Insider Threat program
  • Work with a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology
  • Utilize understanding of Insider Threat principles to identify trends and patterns which can assist in the development of new detection rules and models

Requirements:

  • Understanding of computer networking concepts, communication protocols, primary threat actor attack methods and tools
  • Competent in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results, and analyzing findings to provide viable threat intelligence
  • Ability to understand and learn technical specifications, system requirements and other application design information as needed
  • Detail-oriented person who is passionate about quality and is enthusiastic about innovative technology offerings
  • Strong verbal and written communication skills; comfortable composing briefs and assessments for leadership
  • Familiar with analytical programming languages such as SQL
  • Ability to thrive in ambiguity and rapid change
  • Comfortable with process flow diagrams
  • Familiar with applying Agile Methods
  • Basic understanding of a variety of security and compliance policies and incident response processes
  • Experience monitoring and analyzing Data Loss Prevention (DLP) and Database Activity Monitoring (DAM) incidents to ensure compliance with company policies
  • Ability to exercise sound judgment when determining which events require follow-up response or escalation
  • Comfortable working with internal customers to respond to escalations
  • Maintaining incident documentation, analyzing incident trends
  • Experience maintaining and generating audit evidence for internal and external regulatory compliance
  • Ability to function as a technical conduit between IT and the business

Nice to have:

  • 4 - 7 years related experience including developing requirements, designing, and executing test cases in insider threat and data loss prevention
  • Bachelor’s degree in computer science or related field

What we offer:

  • 401(k) with company match and Employee stock purchase plan
  • Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
  • Paid parental leave and family building benefits
  • Tuition reimbursement
  • Health, dental, and vision insurance

Additional Information:

Job Posted:
May 05, 2026

Expiration:
May 11, 2026

Employment Type:
Fulltime

Work Type:
Hybrid work

Similar Jobs for Insider Threat Analyst

SOC Insider Threat Lead Analyst

SOC Insider Threat Lead Analyst position at Citi, responsible for monitoring, re...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 6+ years working in the security & operations fields
  • Bachelor's degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
  • Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies
  • Ability to read and understand packet level data
  • Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
  • Certifications from EC-Council, GIAC, or (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]
  • Good communication skills with the ability to articulate clearly in high stress situations
  • Skills and proficiency with MS PowerPoint, Excel, Access or other analytical tools
Job Responsibility:
  • Perform monitoring, research, assessment and analysis on alerts from various security tools
  • Recommend and review new use cases for insider threat monitoring
  • Follow pre-defined actions to investigate security incidents or perform incident response actions
  • Execute daily ad hoc tasks or lead projects as needed
  • Participate in or lead daily and ad-hoc conference calls
  • Create, update or provide process documentation, or provide requested evidence for compliance & controls requests
Employment Type:
Fulltime

SOC Insider Threat Lead Analyst

The analyst will perform monitoring, research, assessment and analysis on alerts...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 6+ years working in the security & operations fields
  • Bachelor’s degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
  • Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
  • Ability to read and understand packet level data
  • Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
  • Good communication skills with the ability to articulate clearly in high stress situations
  • Work independently and are self-directed
  • Detail oriented and perseverant individual
  • Positive attitude with the drive to get the work done
  • Self-starter with good problem solving skills, and you continuously look for ways to improve things
Job Responsibility:
  • Perform monitoring, research, assessment and analysis on alerts from various security tools, including firewalls, antivirus systems, user behavior analytics tools, proxy devices and SIEM tools
  • Recommend and review new use cases for insider threat monitoring
  • Follow pre-defined actions to investigate security incidents or perform incident response actions, including escalating to other support groups
  • Execute daily ad hoc tasks or lead projects as needed
  • Participate in or lead daily and ad-hoc conference calls
  • Create, update or provide process documentation, or provide requested evidence for compliance & controls requests
Employment Type:
Fulltime

Insider Threat Program Analyst Intern

The Insider Threat Program Intern will support Arcfield's mission to detect, ass...
Location:
United States, Chantilly
Salary:
Not provided
Arcfield
Expiration Date:
Until further notice
Requirements:
  • Current enrollment in a degree program related to Homeland Security, intelligence studies, cybersecurity, computer science, psychology, criminology, security studies, or a related field
  • Strong analytical and critical‑thinking skills, with the ability to interpret complex or incomplete data
  • Excellent written communication skills, especially in producing clear, structured analytical products
  • Ability to handle sensitive information with discretion and professionalism
  • Basic understanding of national security frameworks or risk analysis
  • Proficiency with Microsoft Office tools (Word, Excel, PowerPoint)
Job Responsibility:
  • Analyze security‑relevant data from cybersecurity, personnel security, physical security, and Human Resource systems to identify potential insider risk indicators
  • Assist analysts with preliminary assessments, case triage, and development of structured analytical products
  • Conduct open‑source and internal research to support security led investigations and risk assessments
  • Prepare concise written summaries, timelines, and data visualizations for senior analysts and program leadership
  • Maintain and update analytic SOPs, workflows, and documentation
  • Participate in cross‑functional coordination with cybersecurity, program security, Human Resources, legal, and program management teams
  • Contribute to insider threat trend analysis, behavioral‑indicator research, and program metrics
  • Assist with awareness and training initiatives by developing analytic insights or supporting content creation

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location:
Singapore, Singapore
Salary:
Not provided
Marriott Bonvoy
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • Scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • Offensive and defensive security certifications such as CEH, GIAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • Use case development experience on the Exabeam platform preferred
  • Working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • Working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility:
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • Document prospective security monitoring use cases with MITRE ATT&CK mappings using standard templates and methodologies
  • Inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • Develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • Solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • Document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • Manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • Provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • Service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
Employment Type:
Fulltime

Global Head of Threat Intelligence

This is one of FS-ISAC’s most influential leadership positions. As Global Head o...
Location:
United States, Reston, VA
Salary:
Not provided
FS-ISAC
Expiration Date:
Until further notice
Requirements:
  • 10+ years of cyber threat intelligence experience (financial sector preferred)
  • 5+ years leading global teams, with proven ability to inspire, mentor, and unite diverse talent
  • Deep knowledge of cyber threat actors (state-sponsored, criminal, insider) and their tactics, techniques, and procedures
  • Strong communicator with executive presence — able to translate technical insights into strategic action
  • Experience collaborating with government, law enforcement, and international partners
  • Exceptional writing, public speaking, and media skills
  • Eligible to obtain/maintain a Top Secret (TS/SCI) clearance (sponsorship provided if needed)
  • Based in, or able to relocate to, the Washington, D.C. metro area
Job Responsibility:
  • Lead and continuously evolve FS-ISAC’s global threat intelligence program
  • Manage, mentor, and unite a globally distributed team of intelligence analysts
  • Oversee the collection, analysis, and dissemination of actionable threat intelligence
  • Represent FS-ISAC externally with members, partners, policymakers, and media
  • Collaborate with technology teams to advance intelligence tools and platforms
  • Engage with law enforcement, intelligence community, and global stakeholders
  • Provide forward-looking insights on emerging threats, geopolitical triggers, and industry implications
  • Serve as FS-ISAC’s expert voice at summits, conferences, and member forums
What we offer:
  • Competitive compensation
  • Relocation support
  • Clearance sponsorship
Employment Type:
Fulltime

Intelligence Senior Analyst

The Open Source Intelligence Senior Analyst position is an intermediate-level po...
Location:
Hungary, Budapest
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Minimum bachelor’s degree / University degree
  • Minimum of 5 years’ experience relating to open source intelligence analysis for investigations, threat monitoring, or intelligence targeting
  • Demonstrable ability to collect, evaluate, interpret, and analyze data, with a strong knowledge of analytical techniques
  • Excellent communication (oral and written) skills with attention to detail
  • Established project management skills – ability to coordinate and prioritize several projects simultaneously while working with a globally dispersed team
  • Self-motivation, ability and maturity to make decisions in the absence of detailed instructions
  • Ability to act as a mentor to less-tenured staff
  • Experience in utilizing analytical and visualization software applications – specifically link analysis tools (e.g., Palantir, Semantica Pro, Maltego, i2 Analyst’s Notebook, ESRI)
  • Expertise in Microsoft Office products
  • Fluent English language skills (written and oral) required
Job Responsibility:
  • Lead open source analysis for CSIS investigations involving fraud, cyber, insider, and other security threats
  • Use advanced techniques to monitor threats and collect data from multiple open sources, including social media, the deep and the dark web
  • Apply advanced qualitative and quantitative analytical methodologies to turn information and data into actionable intelligence
  • Anticipate, identify and develop innovative solutions to intelligence gaps
  • Deliver analysis and findings in the form of high quality, succinct, and straightforward written products and oral briefings
  • Manage multiple projects simultaneously with a proactive, self-motivated approach, ensuring timely delivery of high-quality results while collaborating effectively with global teams
What we offer:
  • Cafeteria Program
  • Home Office Allowance
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms
  • Flexible work arrangements
  • Career progression opportunities across geographies and business lines
Employment Type:
Fulltime

Senior Software Engineer

Security represents the most critical priorities for our customers in a world aw...
Location:
India, Hyderabad
Salary:
Not provided
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • Minimum of 8+ years of software development experience
  • Strong skills in distributed systems and data processing
  • Hands-on experience with cloud platforms such as Azure, AWS, or Google Cloud
  • Experience with Azure Services is a plus
  • Solid understanding of Object-Oriented Programming (OOP) and common Design Patterns
  • Excellent communication and collaboration abilities, with the capacity to handle ambiguity and prioritize effectively
  • BS or MS degree in Computer Science or Engineering, or equivalent work experience
Job Responsibility:
  • Build cloud-scale services that process and analyze massive volumes of organizational signals in real time
  • Harness the power of Apache Spark for high-performance data processing and scalable pipelines
  • Apply machine learning to uncover subtle patterns and anomalies that signal insider threats
  • Craft intelligent user experiences using React and AI-driven insights to help security analysts act with confidence
  • Collaborate across disciplines—from data science to UX to cloud infrastructure—in a fast-paced, high-impact environment
  • Design and deliver end-to-end features including system architecture, coding, deployment, scalability, performance, and quality
  • Ensure engineering excellence by writing effective code, unit tests, debugging, code reviews, and building CI/CD pipelines
  • Troubleshoot and optimize Live Site operations, focusing on automation, reliability, and monitoring
Employment Type:
Fulltime

Software Engineer II

Security represents the most critical priorities for our customers in a world aw...
Location:
India, Hyderabad
Salary:
Not provided
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • Minimum of 4+ years of software development experience
  • Strong skills in distributed systems and data processing
  • Hands-on experience with cloud platforms such as Azure, AWS, or Google Cloud
  • Experience with Azure Services is a plus
Job Responsibility:
  • Build cloud-scale services that process and analyze massive volumes of organizational signals in real time
  • Harness the power of Apache Spark for high-performance data processing and scalable pipelines
  • Apply machine learning to uncover subtle patterns and anomalies that signal insider threats
  • Craft intelligent user experiences using React and AI-driven insights to help security analysts act with confidence
  • Collaborate across disciplines—from data science to UX to cloud infrastructure—in a fast-paced, high-impact environment
  • Design and deliver end-to-end features including system architecture, coding, deployment, scalability, performance, and quality
  • Ensure engineering excellence by writing effective code, unit tests, debugging, code reviews, and building CI/CD pipelines
  • Troubleshoot and optimize Live Site operations, focusing on automation, reliability, and monitoring
Employment Type:
Fulltime