Insider Threat Analyst
Insider Threat Analyst responsible for triaging alerts, conducting investigations, and mitigating insider risks using SIEM, UBA, and DLP tools. Requires 3+ years in security operations or investigations with strong cross-functional collaboration skills.
Responsibilities
- Execute alert triage, correlation, and analysis across insider threat detection systems (SIEM, UBA, DLP, endpoint detection), prioritizing findings and escalating recommendations for investigation and mitigation.
- Support investigations end to end, from initial triage and evidence collection through employee interviews and stakeholder coordination, delivering clear documentation of findings, risk assessment, and recommended next steps.
- Partner with Security, Legal, HR, and business teams to design and execute processes that identify and mitigate insider risks, including abuse and misuse across company systems.
- Build case documentation and investigative reports that translate complex technical findings into concise, decision-ready briefs and assessments for leadership and cross-functional stakeholders.
- Drive improvements to insider threat detection by identifying recurring control gaps, refining alerting logic, and recommending scalable solutions that reduce insider risk across the organization.
Requirements
- 3+ years of experience in insider threat, security operations, investigations, fraud detection, or a closely related discipline, with hands-on use of insider threat technologies (SIEM, UBA, DLP, endpoint detection) and log analysis.
- Demonstrated experience conducting or supporting investigations involving sensitive employee matters, including evidence collection, interviewing techniques, and stakeholder coordination.
- Proven ability to translate complex security problems into clear, actionable recommendations, including composing investigative briefs and assessments consumed by leadership.
- Working knowledge of the insider threat landscape, including legal, regulatory, and ethical considerations of handling sensitive information, and experience with customer service tools or financial analysis.
- Utilizes generative AI responsibly, maintaining human oversight to deliver business-ready outputs and drive measurable improvements in workflow efficiency, cost, and quality.
Nice to Haves
- CISSP or other security credentials
- Experience analyzing data and identifying disparities and trends
- Experience in one or more of: incident response, data protection, risk management, counterintelligence, investigations, fraud detection, financial crimes investigation, intellectual property theft, access and identity management, or IT engineering
- Comfortable in a fast-paced tech environment and able to learn quickly
- Familiar with blockchains, cryptocurrency, and onchain projects
Senior Security Engineer
Own AI platform posture end-to-end: administer Claude/ChatGPT enterprise controls, build MCP servers and agentic tooling, harden security against prompt injection and data leakage, and create spend dashboards. Requires 5+ years security/IT/DevOps experience plus hands-on AI platform administration.
Senior Security Engineer
Senior Security Engineer on the Cyber Resiliency team designing detection controls, engineering SOAR/AI playbooks, leading incident response, and conducting threat hunts to strengthen Chainguard's security posture.
Senior Security Engineer, Infrastructure & Network Security
Lead AWS and network security infrastructure, zero-trust initiatives, and cloud automation for enterprise environments. Requires strong AWS, networking, IAM, and scripting experience.
Senior Product Security Engineer
Senior security engineer embedded in product development to build secure CI/CD pipelines, enforce supply chain controls, and harden Kubernetes workloads on GCP/AWS. Requires 5+ years experience, strong Go/Python skills, and deep Kubernetes and cloud security expertise.