Insider Risk Analyst

Job Title: Insider Risk Analyst

Max Rate: $42/hr on w2 OR $48/hr on c2c

Responsibilities

• Lead or support insider risk investigations, including evidence preservation and forensic analysis.
• Leverage AI/ML to quickly assess potential threats and enable proactive, informed decisions, including blocking suspicious activities like unauthorized data transfers or flagging risky user behavior.
• Ability to utilize AI/ML and identify, assess, and mitigate potential security threats posed by individuals, leverage AI-driven solutions to analyze data, pinpoint risky behaviors, and generate actionable insights and recommendations for program resilience and mitigation strategies.
• Facilitate and support the coordination and response to active insider threats, collaborating with counterintelligence, threat intelligence, and law enforcement teams.
• Correlate behavioral, contextual, and technical indicators to identify and assess potential insider threat incidents.
• Support investigations by collecting and analyzing digital evidence, documenting findings, and escalating matters to the appropriate parties.
• Monitor user activity data and alerts to identify potential indicators of insider threats. Analyze system logs, network traffic, and endpoint alerts for suspicious activity.
• Correlate data from multiple sources (including UEBA, DLP, SIEM, and EDR solutions) to detect anomalies and patterns indicative of insider threats.
• Develop and implement detection methods and strategies, including risk scoring and threat analysis tools, and refine alerts based on triage results, understanding of insider threats, and current events.
• Work closely with CISO Operations, Legal, Human Resources, and Counterintelligence, as well as external partners, to address and resolve insider risk incidents.

• Proficiency in cyber security concepts, network protocols, operating systems, encryption, authentication mechanisms, and security tools like SIEM, UEBA, and DLP solutions.
• Utilize AI-powered platforms like User and Entity Behavior Analytics (UEBA) to identify anomalous activities and patterns indicative of insider threats.
• Cultivate and heighten AI/ML models to refine detection capabilities by leading the creation and tuning of rules, alerts, and risk scoring models to enhance efficiency and accuracy.
• Familiarity with insider threat regulations, information security reports, and relevant legal and privacy regulations.
• Experience conducting internal investigations, collecting digital evidence while maintaining chain of custody, and understanding forensic analysis tools.
• Strong ability to analyze complex data, identify patterns and trends, apply critical thinking and logic to evaluate evidence, and use quantitative and qualitative methods to assess risk.
• Strong analytical skills to interpret large volumes of data and correlate disparate security signals.
• Knowledge of incident response processes and digital forensics fundamentals related to insider threat scenarios.
• Strong communication skills for cross-team coordination, reporting, and documenting findings.
• Ethical judgment and discretion, especially when handling sensitive personnel and organizational data.

• A degree from an accredited College/University in the applicable field of services is required. If the individual s degree is not in the applicable field then four additional years of related experience is required.
• Graduate certificates, specifically in Insider Risk Management and Mitigation, to provide in-depth expertise in understanding, investigating, and managing insider threats.
• 8+ years of experience in analyzing technical and non-technical indicators related to insider activity, including user behavior, network activity, system logs, and data access patterns.
• Knowledge of AI/ML concepts, algorithms, and applications in insider threat detection, including supervised and unsupervised learning, deep learning, and anomaly detection.
• Need a blend of technical, analytical capabilities, and soft skills to navigate the complex world of AI-driven insider threat detection and prevention.
• Hands-on experience in insider threat analysis.