About the Role: We are seeking a highly skilled Insider Threat Analyst to support our security operations by identifying, analyzing, and mitigating risks from potential insider threats. The ideal candidate will have a strong background in security, intelligence, or investigations and be adept at developing insider threat programs, monitoring suspicious activity, and gathering threat intelligence to safeguard our organization’s assets.
Role Description:
• Develop, implement, and manage insider threat programs, including policies, procedures, and tools.
• Monitor alerts, triage security events, and analyze potential insider threat or risk activities.
• Gather, analyze, and assess threat intelligence from internal and external sources to identify emerging threats and vulnerabilities.
• Leverage Microsoft Security Tools (e.g., Sentinel) in both Azure and non-Azure environments to detect and respond to threats.
• Collaborate with security teams, HR, legal, and management to investigate and address insider threat incidents.
• Maintain comprehensive documentation and reporting for investigations and risk assessments.
Required Qualifications & Education:
• BS/BA Degree in Cybersecurity or Information Technology from a U.S. accredited college, university, or institution.
• 3+ years of experience working in any of the following fields: insider threat; law enforcement; intelligence (collection, targeting, or analysis); counterintelligence; corporate security; and investigations.
• CISSP, GIAC, CEH, Security +, Network +, or equivalent Certification(s).
• Experience developing and implementing an insider threat program, including policies, procedures, and tools.
• Experience monitoring alerts, triaging events, and performing analysis into potential insider threat/risk activities.
• Experience gathering and analyzing threat intelligence from internal and external sources to identify emerging threats and vulnerabilities.
• Experience with Microsoft Security Tools (e.g. Sentinel) that is either part of or independent of the Microsoft Azure offering.
• Additional experience and critical knowledge preferred with the following tools: Qualys, Crowdstrike, Cloudflare, CyberArk, Solarwinds
• Has excellent oral, writing, and team skills.
Clearance and Location Requirements:
• Able to be cleared for a Public Trust clearance.
• This position requires to be onsite 3 days per week in Washington, DC.
We're ready to discuss your needs or dive in on your cyber defense journey. Let us know how we can help.
Contact us