Cybersecurity Specialist - Insider Threat

About the Role

Cleveland Clinic is a top-ranked healthcare organization seeking a passionate Cybersecurity Specialist focused on Insider Threat. You will work with dedicated caregivers to safeguard digital assets and protect systems from unauthorized access. Under the supervision of the Manager of Cybersecurity Intelligence, you will lead efforts to identify, investigate, and mitigate potential insider risks. Your work will be crucial in protecting Cleveland Clinic’s patients, assets, data, and reputation. This is a remote position with standard business hours and on-call shifts.

Key Responsibilities

• Independently conduct end-to-end insider risk investigations, collaborating with Legal, HR, Cybersecurity Operations, and other cross-functional teams.
• Utilize monitoring and detection platforms to investigate anomalous activity for potential insider risk.
• Conduct interviews with individuals identified as potential insiders.
• Act as the subject matter expert for insider risk, providing training to team members as needed.
• Leverage AI tools to enhance investigation workflows and data analysis.
• Prepare investigation metrics, reports, and briefings.
• Develop and maintain playbooks, standard operating procedures, and guideline documentation.
• Support education and awareness programs to foster a strong security culture.

Minimum Qualifications

• High School diploma/GED and seven years of Information, Clinical or Financial Systems experience, including directing, planning, and scheduling major information system projects, with three years of Cyber Security experience.
• OR Bachelor’s Degree and five years of Information, Clinical or Financial Systems experience, including directing, planning, and scheduling major information system projects, with three years of Cyber Security experience.
• Demonstrated ability to communicate technical concepts to non-technical stakeholders.
• Experience leveraging DLP, UEBA, SIEM, EDR/XDR, and SOAR platforms for complex investigations.
• Familiarity with MITRE ATT&CK, NIST, HIPAA, GDPR, and ISO 27001.
• Hands-on scripting experience (Python, PowerShell, KQL, etc.) for artifact collection, detection enrichment, and automation of investigative workflows.
• For IT Division caregivers, ITIL Foundations certification is required within 6 months of starting.

Preferred Qualifications

• Experience coordinating with internal and external counsel and eDiscovery providers.
• Experience conducting OSINT investigations.
• Industry certifications such as GCIH, GCFR, GCFA, GNFA, CEH, CFE, CCE, CFCE, CHFI, or equivalent advanced certifications.

Physical Requirements

• Ability to perform work in a stationary position for extended periods.
• Ability to travel throughout the hospital system.
• Ability to operate a computer and other office equipment.
• Ability to communicate and exchange accurate information.

Personal Protective Equipment

• Follows standard precautions using personal protective equipment as required.

Pay Range

Minimum Annual Salary: $92,620.00 Maximum Annual Salary: $141,265.00 Key skills/competency

• Cybersecurity Specialist
• Insider Threat
• Risk Investigation
• DLP
• UEBA
• SIEM
• EDR XDR
• SOAR
• MITRE ATT&CK
• NIST