Insider Threat Analyst - 642
- Detection, Alerting & Analysis:
- Review, triage, and prioritize alerting from DTEX, Microsoft Purview, and other monitoring platforms
- Develop, tune, and optimize insider threat detection use cases across UEBA, DLP, SIEM, and endpoint monitoring platforms
- Monitor and analyze DTEX telemetry to identify high-risk user behaviors and potential data exfiltration activities
- Leverage Microsoft Purview for data loss prevention, information protection, and insider risk management capabilities
- Utilize Microsoft Entra ID for identity analytics, access reviews, and monitoring privileged account activity
- Conduct behavioral analysis to identify anomalous patterns indicative of data exfiltration, fraud, sabotage, or policy violations
- Perform proactive threat hunting to discover previously undetected insider risks and develop corresponding detection mechanisms
- Analyze technical indicators alongside contextual information such as HR events, travel data, and organizational changes to assess risk holistically
- Investigations:
- Conduct investigations of insider threat incidents, from initial triage through remediation
- Coordinate with Legal, HR, and external law enforcement as required during sensitive investigations
- Prepare detailed investigation reports and briefings for leadership
- Program Development:
- Create, maintain, and update insider threat playbooks and response procedures to ensure consistent and effective incident handling
- Contribute to insider threat program strategy and maturity roadmap
- Develop and maintain insider threat metrics, KPIs, and dashboards to measure program effectiveness
- Manage and deliver insider threat awareness training for employees, managers, and security teams
- Stay current on insider threat trends, TTPs, and emerging technologies; recommend program enhancements accordingly
- Bachelor's degree minimum
- Minimum 5+ years of experience in insider threat analysis or a related cybersecurity discipline
- Minimum 5+ years’ experience with DTEX or similar insider threat monitoring platforms
- Due to contractual requirements, must be a U.S. Person, defined as a U.S. citizen, permanent resident or green card holder, or worker granted asylum or refugee status
- Due to national security requirements imposed by the U.S. Government, candidates for this position must not be a People's Republic of China national or Russian national unless the candidate is also a U.S. citizen.
- Bachelor's degree in Cybersecurity, Computer Science, Criminal Justice, a related field or equivalent experience
- Demonstrated experience conducting investigations involving data theft, fraud, or policy violations
- Hands-on experience with Microsoft Purview (Insider Risk Management, DLP, Information Protection) and Microsoft Entra ID
- Experience with UEBA platforms (e.g., Securonix, Exabeam, Microsoft Sentinel) and DLP solutions
- Proficiency with SIEM platforms, log analysis, and query languages (e.g., Splunk SPL, KQL, SQL)
- Experience drafting security procedures, playbooks, and technical documentation
- Excellent written and verbal communication skills, including the ability to present technical findings to non-technical audiences
- Counterintelligence experience, particularly in technology protection, economic espionage, or protecting proprietary information and trade secrets
- Background in identifying and mitigating threats from foreign intelligence services, competitors, or other adversaries targeting intellectual property
- Experience contributing to insider threat program development and maturation
- Familiarity with behavioral psychology, social engineering tactics, and human-centered security approaches