Insider Investigations Analyst

About the Role

Hiring Company is a global leader in cybersecurity, dedicated to stopping breaches with an advanced AI-native platform. Since 2011, the mission has been to protect people, processes, and technologies while cultivating a flexible, autonomous work culture. Join the mission to redefine modern security.

What You’ll Do

As an Insider Investigations Analyst, you will work within our CSIRT team to:

• Participate in confidential insider risk investigations.
• Create and implement insider risk detections.
• Review multi-source data including network, host, and open source.
• Communicate with end users on potential policy violations.
• Document investigations and support incident response life cycle procedures.
• Assist in detection criteria development and alert tuning efforts.
• Provide senior leadership with clear executive summaries.
• Offer after-hours on-demand support.

What You’ll Need

Essential qualifications include:

• Experience with data classification and risk scoring methodologies.
• Strong verbal and written communication with keen attention to detail.
• Ability to manage multiple investigations simultaneously.
• Independent work style with effective coordination across departments.
• Hands-on experience with incident response, particularly in cybersecurity threats.
• Theoretical and practical knowledge of Mac, Linux, and Windows.
• Understanding of TCP/IP networking and application layers.
• Experience with ASM, threat hunting, log analysis, IDS/IPS, and SIEM workflows.
• Scripting skills (Bash, PowerShell, etc.) and a desire to continuously learn.

Key skills/competency

cybersecurity, incident response, investigation, detection, SIEM, threat hunting, ASM, log analysis, scripting, insider risk