Insider Threat Investigator

The Insider Threat Investigator will be a foundational member of the Internal Investigations team within Security Operations. The role involves monitoring, detecting, investigating, and responding to anomalous events that pose risks to the company. Responsibilities include analyzing threat intelligence, developing use cases, conducting data analysis, executing complex investigations, driving detection engineering, writing reports, and advising on preventative controls. The investigator will also create and maintain a use case library, develop playbooks, and standard operating procedures for investigation and response collaboration. This position requires experience with endpoint detection, network technologies, SOAR/SIEM platforms, UEBA, UAM, and DLP tools, along with an understanding of cloud and distributed IT environments.