Insider Threat Analyst

ECPI University

Location:
United States, Arlington, VA, Broomfield, CO, Brooklyn Park, MN, Albuquerque, New Mexico

Contract Type:
Not provided

Salary:

89000.00 - 112000.00 USD / Year
Job offer has expired

Job Description:

We are seeking an experienced Insider Threat Analyst to join our security team. In this role, you will review and triage alerts, conduct investigations, develop detection strategies, and help mature our insider threat program. You will work cross-functionally with Legal, HR, IT, and business units to reduce internal risk while maintaining employee trust. This position requires strong technical expertise, investigative capability, and excellent interpersonal skills.

Job Responsibility:

  • Review, triage, and prioritize alerting from DTEX, Microsoft Purview, and other monitoring platforms
  • Develop, tune, and optimize insider threat detection use cases across UEBA, DLP, SIEM, and endpoint monitoring platforms
  • Monitor and analyze DTEX telemetry to identify high-risk user behaviors and potential data exfiltration activities
  • Leverage Microsoft Purview for data loss prevention, information protection, and insider risk management capabilities
  • Utilize Microsoft Entra ID for identity analytics, access reviews, and monitoring privileged account activity
  • Conduct behavioral analysis to identify anomalous patterns indicative of data exfiltration, fraud, sabotage, or policy violations
  • Perform proactive threat hunting to discover previously undetected insider risks and develop corresponding detection mechanisms
  • Analyze technical indicators alongside contextual information such as HR events, travel data, and organizational changes to assess risk holistically
  • Conduct investigations of insider threat incidents, from initial triage through remediation
  • Coordinate with Legal, HR, and external law enforcement as required during sensitive investigations
  • Prepare detailed investigation reports and briefings for leadership
  • Create, maintain, and update insider threat playbooks and response procedures to ensure consistent and effective incident handling
  • Contribute to insider threat program strategy and maturity roadmap
  • Develop and maintain insider threat metrics, KPIs, and dashboards to measure program effectiveness
  • Manage and deliver insider threat awareness training for employees, managers, and security teams
  • Stay current on insider threat trends, TTPs, and emerging technologies; recommend program enhancements accordingly

Requirements:

  • Bachelor’s degree minimum
  • Minimum 5+ years of experience in insider threat analysis or a related cybersecurity discipline
  • Minimum 5+ years’ experience with DTEX or similar insider threat monitoring platforms
  • Due to contractual requirements, must be a U.S. Person, defined as a U.S. citizen, permanent resident or green card holder, or worker granted asylum or refugee status
  • Due to national security requirements imposed by the U.S. Government, candidates for this position must not be a People’s Republic of China national or Russian national unless the candidate is also a U.S. citizen.

Nice to have:

  • Bachelor’s degree in Cybersecurity, Computer Science, Criminal Justice, a related field or equivalent experience
  • Demonstrated experience conducting investigations involving data theft, fraud, or policy violations
  • Hands-on experience with Microsoft Purview (Insider Risk Management, DLP, Information Protection) and Microsoft Entra ID
  • Experience with UEBA platforms (e.g., Securonix, Exabeam, Microsoft Sentinel) and DLP solutions
  • Proficiency with SIEM platforms, log analysis, and query languages (e.g., Splunk SPL, KQL, SQL)
  • Experience drafting security procedures, playbooks, and technical documentation
  • Excellent written and verbal communication skills, including the ability to present technical findings to non-technical audiences
  • Counterintelligence experience, particularly in technology protection, economic espionage, or protecting proprietary information and trade secrets
  • Background in identifying and mitigating threats from foreign intelligence services, competitors, or other adversaries targeting intellectual property
  • Experience contributing to insider threat program development and maturation
  • Familiarity with behavioral psychology, social engineering tactics, and human-centered security approaches
What we offer:
  • Flexible work schedule
  • Employer subsidized health, dental, and vision insurance
  • 401(k) match for student loan repayment benefit
  • Equity, 401k retirement savings plan + 12 Paid holidays and generous vacation + sick time
  • Paid parental leave
  • Employee discounts

Additional Information:

Job Posted:
February 19, 2026

Expiration:
February 21, 2026

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for Insider Threat Analyst

SOC Insider Threat Lead Analyst

SOC Insider Threat Lead Analyst position at Citi, responsible for monitoring, re...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 6+ years working in the security & operations fields
  • Bachelor's degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
  • Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies
  • Ability to read and understand packet level data
  • Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
  • Certifications from EC-Council, GIAC, or (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]
  • Good communication skills with the ability to articulate clearly in high stress situations
  • Skills and proficiency with MS PowerPoint, Excel, Access or other analytical tools
Job Responsibility:
  • Perform monitoring, research, assessment and analysis on alerts from various security tools
  • Recommend and review new use cases for insider threat monitoring
  • Follow pre-defined actions to investigate security incidents or perform incident response actions
  • Execute daily ad hoc tasks or lead projects as needed
  • Participate in or lead daily and ad-hoc conference calls
  • Create, update or provide process documentation, or provide requested evidence for compliance & controls requests
  • Fulltime

Engineer II - Insider Threat

The Engineer II, Insider Threat, is a mid-level technical role within the Cyber ...
Location:
United States, Conshohocken; Remote
Salary:
Not provided
Cencora
Expiration Date:
March 13, 2026
Requirements:
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Behavioral Science, or equivalent work experience
  • Knowledge of insider threat detection methodologies, user activity monitoring, DLP, and investigative practices
  • Familiarity with privacy, compliance, and employment standards (e.g., GDPR, HIPAA, SOX, CCPA)
  • 3–5 years of progressive experience in cybersecurity, investigations, or risk management, with at least 1–2 years dedicated to insider threat or DLP operations
  • Hands-on experience with insider threat monitoring platforms, behavioral analytics, and DLP tools
  • Demonstrated ability to handle confidential investigations with discretion
  • Strong communication and writing skills for documenting findings and briefing stakeholders
Job Responsibility:
  • Monitor and analyze user activity logs, alerts, and behavioral indicators to identify potential insider threats
  • Conduct investigations into moderate-complexity insider threat cases, including data misuse, exfiltration, fraud, and policy violations
  • Administer, monitor, and tune Data Loss Prevention (DLP) technologies to detect and prevent unauthorized movement of sensitive data
  • Investigate and respond to DLP alerts, escalating incidents when necessary with clear documentation and supporting evidence
  • Support the development and refinement of insider threat detection rules, analytics, and use cases
  • Contribute to the creation and improvement of playbooks and investigative workflows, including DLP-related scenarios
  • Collaborate with HR, Legal, and Corporate Security to ensure coordinated responses to insider incidents
  • Document findings and prepare clear reports for management and other stakeholders
  • Share knowledge with Engineer I analysts and contribute to team training efforts
  • Participate in awareness and deterrence initiatives by providing technical input to educational campaigns
What we offer:
  • medical
  • dental
  • vision care
  • comprehensive suite of benefits focusing on physical, emotional, financial, and social wellness
  • support for working families
  • backup dependent care
  • adoption assistance
  • infertility coverage
  • family building support
  • behavioral health solutions
  • Fulltime

SOC Insider Threat Analyst

The analyst will perform monitoring, research, assessment and analysis on alerts...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 4+ years working in the security & operations fields
  • Bachelor’s degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
  • Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
  • Ability to read and understand packet level data
  • Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
  • Good communication skills with the ability to articulate clearly in high stress situations
  • Work independently and are self-directed
  • Detail oriented and perseverant individual
  • Positive attitude with the drive to get the work done
  • Self-starter with good problem solving skills, and continuously look for ways to improve things
Job Responsibility:
  • Perform monitoring, research, assessment and analysis on alerts from various security tools, including firewalls, antivirus systems, user behavior analytics tools, proxy devices and SIEM tools
  • Recommend and review new use cases for insider threat monitoring
  • Follow pre-defined actions to investigate security incidents or perform incident response actions, including escalating to other support groups
  • Execute daily ad hoc tasks or lead projects as needed
  • Participate in or lead daily and ad-hoc conference calls
  • Create, update or provide process documentation, or provide requested evidence for compliance & controls requests
  • Fulltime

SOC Insider Threat Lead Analyst

The analyst will perform monitoring, research, assessment and analysis on alerts...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 6+ years working in the security & operations fields
  • Bachelor’s degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
  • Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
  • Ability to read and understand packet level data
  • Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
  • Good communication skills with the ability to articulate clearly in high stress situations
  • Work independently and are self-directed
  • Detail oriented and perseverant individual
  • Positive attitude with the drive to get the work done
  • Self-starter with good problem solving skills, and you continuously look for ways to improve things
Job Responsibility:
  • Perform monitoring, research, assessment and analysis on alerts from various security tools, including firewalls, antivirus systems, user behavior analytics tools, proxy devices and SIEM tools
  • Recommend and review new use cases for insider threat monitoring
  • Follow pre-defined actions to investigate security incidents or perform incident response actions, including escalating to other support groups
  • Execute daily ad hoc tasks or lead projects as needed
  • Participate in or lead daily and ad-hoc conference calls
  • Create, update or provide process documentation, or provide requested evidence for compliance & controls requests
  • Fulltime

Insider Threat Program Analyst Intern

The Insider Threat Program Intern will support Arcfield's mission to detect, ass...
Location:
United States, Chantilly
Salary:
Not provided
Arcfield
Expiration Date:
Until further notice
Requirements:
  • Current enrollment in a degree program related to Homeland Security, intelligence studies, cybersecurity, computer science, psychology, criminology, security studies, or a related field
  • Strong analytical and critical‑thinking skills, with the ability to interpret complex or incomplete data
  • Excellent written communication skills, especially in producing clear, structured analytical products
  • Ability to handle sensitive information with discretion and professionalism
  • Basic understanding of national security frameworks or risk analysis
  • Proficiency with Microsoft Office tools (Word, Excel, PowerPoint)
Job Responsibility:
  • Analyze security‑relevant data from cybersecurity, personnel security, physical security, and Human Resource systems to identify potential insider risk indicators
  • Assist analysts with preliminary assessments, case triage, and development of structured analytical products
  • Conduct open‑source and internal research to support security led investigations and risk assessments
  • Prepare concise written summaries, timelines, and data visualizations for senior analysts and program leadership
  • Maintain and update analytic SOPs, workflows, and documentation
  • Participate in cross‑functional coordination with cybersecurity, program security, Human Resources, legal, and program management teams
  • Contribute to insider threat trend analysis, behavioral‑indicator research, and program metrics
  • Assist with awareness and training initiatives by developing analytic insights or supporting content creation

Staff Security Investigation Analyst

The Staff Security Investigation Analyst will lead internal investigations relat...
Location:
United States
Salary:
113000.00 - 161000.00 USD / Year
AlphaSense
Expiration Date:
Until further notice
Requirements:
  • 5+ years of experience in corporate investigations, forensics, or incident response
  • Hands-on experience with insider threat and DLP tooling (e.g., UEBA, E-discovery, SIEM, EDR, Code42, Dtex, Microsoft Purview, or similar)
  • Proficiency investigating in cloud-native environments (AWS, GCP, Azure) and SaaS platforms; comfortable with audit logs, IAM, and identity-based investigations
  • Knowledge of employment law, privacy regulations (GDPR, CCPA), and compliance standards
  • Experience conducting investigative interviews in sensitive employment contexts
  • Strong communication skills and ability to handle sensitive cases with discretion across all levels of the organization, including executives
  • Proficiency in case management and e-discovery tools.
Job Responsibility:
  • Conduct investigations into insider threats, data exfiltration, IP theft, compliance violations, and policy breaches
  • Investigate incidents involving sensitive assets specific to our environment: source code, AI/ML models, training data, client intelligence, and research IP
  • Gather and analyze digital and physical evidence using established forensic methodologies (cloud audit logs, SaaS telemetry, endpoint data, and identity/access records)
  • Conduct investigative interviews with subjects, witnesses, and stakeholders, applying appropriate techniques for sensitive employment matters
  • Prepare detailed reports and documentation of investigative findings suitable for executive leadership, legal proceedings, and regulatory inquiries
  • Collaborate with HR, Legal, and Compliance teams to manage sensitive matters appropriately
  • Maintain case management systems and ensure confidentiality and chain of custody integrity of investigation data
  • Develop and enhance investigation protocols, evidence handling standards, and response workflows
  • Identify patterns, trends, or emerging risks from investigation data and recommend preventive controls, detection improvements, and policy changes
  • Provide executive-level reporting on investigation trends, program metrics, and risk posture
What we offer:
  • performance-based bonus
  • equity
  • a generous benefits program
  • Fulltime

Staff Physical Security Analyst

The Staff Physical Security Analyst will protect AlphaSense’s people, facilities...
Location:
United States, New York or Chicago
Salary:
113000.00 - 156000.00 USD / Year
AlphaSense
Expiration Date:
Until further notice
Requirements:
  • 5+ years of experience in physical security, corporate security, or related fields, in a technology, financial services, or similarly fast-paced environment
  • Strong expertise in security technologies (e.g., Lenel, Genetec, Verkada, or similar access control and VMS platforms)
  • Experience with emergency response planning, crisis management, and security incident response
  • Strong analytical, investigative, and documentation skills
  • Ability to manage multiple global sites and remote collaboration effectively
  • Experience with executive protection, travel security, or personnel security programs
  • Understanding of how physical access intersects with logical/IT access governance; experience supporting access reviews or JML processes
  • Comfortable with technology: you can navigate integrations, reporting tools, and dashboards
  • Ability to partner effectively with investigative or insider threat teams on converged security matters
Job Responsibility:
  • Oversee physical security systems, including access control, video surveillance, and alarm monitoring
  • Conduct site security risk assessments and recommend mitigation measures
  • Manage and optimize global access provisioning processes in coordination with IT and Facilities
  • Lead physical security investigations
  • Collaborate with building management, HR, Legal, IT and regional operations to ensure consistent security standards
  • Lead executive and personnel protection efforts
  • Own vendor and integrator relationships for physical security services and technologies
  • Develop and maintain physical security policies, procedures, and incident reporting frameworks
  • Support workplace violence prevention programs
  • Provide physical security data and investigative support to insider threat investigations
What we offer:
  • Competitive compensation, benefits, and the opportunity to shape security at a high-growth company
  • performance-based bonus
  • equity
  • generous benefits program
  • Fulltime

Engineer III - Digital Forensics & Investigations

The Engineer III, Digital Forensics, is a senior technical role within the Cyber...
Location:
United States, Carrollton; Remote; Conshohocken
Salary:
Not provided
Cencora
Expiration Date:
February 23, 2026
Requirements:
  • Bachelor’s degree in Cybersecurity, Digital Forensics, Computer Science, or equivalent work experience
  • Master’s degree preferred
  • Strong knowledge of forensic methodologies, evidence handling, and investigative processes
  • Familiarity with industry frameworks such as NIST, ISO 27037, and SANS best practices
  • 5–7 years of progressive experience in cybersecurity, with at least 3 years focused on digital forensics
  • Hands-on experience with forensic tools such as EnCase, FTK, X-Ways, Cellebrite, or Magnet Axiom
  • Demonstrated expertise in forensic investigations supporting cyber incidents, insider threats, or HR/Legal matters
  • Proven ability to handle sensitive investigations and maintain confidentiality
  • Strong communication skills, with the ability to present technical findings to technical and non-technical stakeholders
Job Responsibility:
  • Lead digital forensic investigations involving cyber incidents, insider threats, fraud, or policy violations
  • Perform advanced forensic analysis on endpoints, servers, cloud platforms, and mobile devices to identify malicious activity, data exfiltration, or system compromise
  • Ensure proper evidence collection, preservation, documentation, and chain of custody in compliance with legal and regulatory standards
  • Develop and refine forensic playbooks, procedures, and workflows for global use
  • Partner with incident response, insider threat, HR, Legal, and Corporate Security teams to support sensitive investigations
  • Analyze malware, artifacts, and logs to determine attack vectors, timelines, and root causes
  • Act as a technical escalation point for Engineer I/II forensic analysts
  • Provide clear written reports and investigative summaries for leadership, legal, and non-technical audiences
  • Mentor and train junior forensic engineers on investigative techniques, tools, and evidence handling
  • Stay current on emerging forensic tools, technologies, and best practices to continuously improve program maturity
What we offer:
  • medical
  • dental
  • vision care
  • comprehensive suite of benefits focusing on physical, emotional, financial, and social wellness
  • support for working families
  • backup dependent care
  • adoption assistance
  • infertility coverage
  • family building support
  • behavioral health solutions
  • Fulltime