Experis
Sr. Insider Threat Analyst
is a member of the Insider Threat Team with primary responsibility for mitigating, identifying, and responding to insider threat security events. The Insider Threat team is responsible for preventing, detecting, and responding to data exfiltration, workplace violence, systems sabotage, misuse of corporate assets, and other threats. Lead and conduct complex and technical data analysis; develop and tune rules, policies, and alerts for DLP and UEBA applications; develop strategies to deter, detect, and respond to insider threats; and collaborate with security operation centers, digital forensics, and physical security teams.
Primary Duties And Accountabilities
Identify and Respond to Insider Threat Security Events
Respond, analyze, and triage alerts from DLP, UEBA, and other monitoring tools
Characterize and analyze information from enterprise cybersecurity tools to identify anomalous activity and potential threats
Coordinate with enterprise-wide cyber defense staff to validate network alerts
Analyze security incidents for trends and patterns to uncover anomalies, identify gaps, and propose risk‑mitigation solutions
Manage incident response and investigative leads, including notification and escalation. Coordinate with physical security, legal, and HR teams as required.
Develop insider threat use cases and tune DLP and UEBA rules and policies
Identify tools, policies, and rules to monitor for the use case; tune policies and rules to meet use‑case requirements
Modify rules and policies to increase accuracy and reduce false positives
Identify and integrate new data sources to detect insider threat activity
Perform security reviews, cyber‑defense trend analysis, and open‑source research
Identify vulnerabilities in security architecture or controls; recommend changes to mitigate risk
Analyze insider events to identify patterns and develop mitigation strategies
Conduct open‑source research about industry trends and developments in protecting company assets and countering insider threats
Prepare written reports summarizing significant industry insider events to draw lessons for the Insider Threat Program
Assist in the development of policy, processes, procedures, and associated metrics
Produce and deliver insider‑threat awareness briefings, debriefings, and training activities
Minimum Qualifications
MS Purview (REQUIRED)
Skill in collecting data from a variety of cyber defense resources and ability to interpret information collected to recognize threats
Knowledge of DLP, UEBA, and logging applications; skill tuning policies within these tools
Knowledge of incident response and handling methodologies
Knowledge of computer networking concepts and protocols, and network security methodologies
Knowledge of host/network access control mechanisms
Knowledge of operating systems
Knowledge of cyber‑attack stages and techniques used by malicious insiders
Knowledge of security controls frameworks and ability to assess organizational security posture against these frameworks
Skill in conducting trend analysis
Bachelor’s degree in computer science, cybersecurity, or a related 4‑year technical degree with 10+ years of experience in IT or cybersecurity, or an equivalent combination of education and work experience
Seniority level: Mid‑Senior level.
Employment type: Contract.
Job function: Information Technology. Industries: IT Services and IT Consulting.
Referrals increase your chances of interviewing at Experis by 2x.
Get notified about new Insider Threat Analyst jobs in
Baltimore, MD .
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
is a member of the Insider Threat Team with primary responsibility for mitigating, identifying, and responding to insider threat security events. The Insider Threat team is responsible for preventing, detecting, and responding to data exfiltration, workplace violence, systems sabotage, misuse of corporate assets, and other threats. Lead and conduct complex and technical data analysis; develop and tune rules, policies, and alerts for DLP and UEBA applications; develop strategies to deter, detect, and respond to insider threats; and collaborate with security operation centers, digital forensics, and physical security teams.
Primary Duties And Accountabilities
Identify and Respond to Insider Threat Security Events
Respond, analyze, and triage alerts from DLP, UEBA, and other monitoring tools
Characterize and analyze information from enterprise cybersecurity tools to identify anomalous activity and potential threats
Coordinate with enterprise-wide cyber defense staff to validate network alerts
Analyze security incidents for trends and patterns to uncover anomalies, identify gaps, and propose risk‑mitigation solutions
Manage incident response and investigative leads, including notification and escalation. Coordinate with physical security, legal, and HR teams as required.
Develop insider threat use cases and tune DLP and UEBA rules and policies
Identify tools, policies, and rules to monitor for the use case; tune policies and rules to meet use‑case requirements
Modify rules and policies to increase accuracy and reduce false positives
Identify and integrate new data sources to detect insider threat activity
Perform security reviews, cyber‑defense trend analysis, and open‑source research
Identify vulnerabilities in security architecture or controls; recommend changes to mitigate risk
Analyze insider events to identify patterns and develop mitigation strategies
Conduct open‑source research about industry trends and developments in protecting company assets and countering insider threats
Prepare written reports summarizing significant industry insider events to draw lessons for the Insider Threat Program
Assist in the development of policy, processes, procedures, and associated metrics
Produce and deliver insider‑threat awareness briefings, debriefings, and training activities
Minimum Qualifications
MS Purview (REQUIRED)
Skill in collecting data from a variety of cyber defense resources and ability to interpret information collected to recognize threats
Knowledge of DLP, UEBA, and logging applications; skill tuning policies within these tools
Knowledge of incident response and handling methodologies
Knowledge of computer networking concepts and protocols, and network security methodologies
Knowledge of host/network access control mechanisms
Knowledge of operating systems
Knowledge of cyber‑attack stages and techniques used by malicious insiders
Knowledge of security controls frameworks and ability to assess organizational security posture against these frameworks
Skill in conducting trend analysis
Bachelor’s degree in computer science, cybersecurity, or a related 4‑year technical degree with 10+ years of experience in IT or cybersecurity, or an equivalent combination of education and work experience
Seniority level: Mid‑Senior level.
Employment type: Contract.
Job function: Information Technology. Industries: IT Services and IT Consulting.
Referrals increase your chances of interviewing at Experis by 2x.
Get notified about new Insider Threat Analyst jobs in
Baltimore, MD .
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr