Insider Investigations Analyst (Remote)

United States

Apply with AI Apply

Not SpecifiedCompensation

Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Cybersecurity, BiotechnologyIndustries

Requirements

Candidates should have experience with data classification or risk scoring methodologies, excellent verbal and written communication skills with a strong emphasis on attention to detail, and the ability to triage and manage 2-3 investigations simultaneously. They must possess the ability to work independently and coordinate with multiple internal departments, have experience responding to security event alerts including front-line analysis and escalation of hacktivist, cybercrime, and APT activity, and theoretical and practical knowledge with Mac, Linux, and Windows operating systems. Experience with TCP/IP networking and application layers, ASM (Attack Surface Mapping), Threat Hunting/Emulation, access/application/system log analysis, IDS/IPS alerting and data flow, and SIEM-based workflows are also required. The ability to collect, process, and correlate security data, follow technical instructions without supervision, and a desire to continually grow technical and soft skills are necessary. Scripting experience is also required.

Responsibilities

The Insider Investigations Analyst will participate in confidential insider risk investigations, create and implement insider risk related detections, and perform detailed investigations by reviewing data from multiple sources. They will communicate with end users regarding potential policy violations when appropriate, assist in data recovery efforts through the creation of comprehensive reports, and provide senior leadership with active investigations notifications/updates. The analyst will handle confidential or sensitive information with discretion, assist in regular alert tuning efforts to minimize false positives, and ensure all investigations are properly documented and tracked. They will support the Incident Response lifecycle via triage and investigation of detections and action as appropriate, assist in the development of detection criteria, and identify security controls coverage and efficiency gaps. The role involves providing information security summaries, participating in incident response, managing escalations, driving efficient process development and documentation for the Incident Response lifecycle, and providing after-hours support on an on-demand basis.

Skills

Insider Risk Investigations

Cybersecurity

Triage

Detections

Live Response

Containment

Escalation

Data Analysis

Network Data

Host Data

Open Source Intelligence (OSINT)

Policy Violations

Data Recovery

Reporting

Executive Summaries

Alert Tuning

Crowdstrike

Cloud-native endpoint security solutions provider

About Crowdstrike

CrowdStrike specializes in cybersecurity, focusing on protecting businesses from cyber threats through cloud-native endpoint security solutions. Their main product, the Falcon platform, includes services like Falcon Pro, which replaces traditional antivirus with next-generation antivirus that integrates threat intelligence, Falcon Insight for endpoint detection and response, and Falcon Device Control to manage connected devices. Unlike many competitors, CrowdStrike's services are subscription-based, allowing clients to choose different levels of protection based on their needs. The company serves a diverse clientele, including many Fortune 100 companies, and is recognized as a leader in the cybersecurity field, known for its effectiveness in threat detection and response.

Austin, TexasHeadquarters

2011Year Founded

$468MTotal Funding

IPOCompany Stage

Enterprise Software, CybersecurityIndustries

5,001-10,000Employees

Benefits

Competitive Employee Stock Purchase Plan

Remote-friendly culture

Market leader in compensation and equity awards

Competitive vacation and flexible working arrangements

Comprehensive health benefits + 401k plan

Paid Parental Leave, including adoption

Wellness programs

Professional development and mentorship opportunities

Open offices have stocked kitchens, coffee, soda and treats

Risks

Increased competition from companies like Lumos could challenge CrowdStrike's market share.

Recovery from last year's outage may still affect customer trust and future sales.

Pressure to demonstrate ROI by 2025 could challenge CrowdStrike's financial transparency.

Differentiation

CrowdStrike's Falcon platform offers cloud-native endpoint security solutions, a key differentiator.

The company serves 44 of the Fortune 100, showcasing its strong market presence.

CrowdStrike's proactive threat hunting sets it apart in cybersecurity threat detection.

Upsides

Partnership with SonicWall opens new SMB market segment for CrowdStrike.

Recognition as a leader in ransomware prevention boosts CrowdStrike's market credibility.

Gamified learning initiatives help address cybersecurity skills gap, benefiting future talent pipeline.

Land your dream remote job 3x faster with AI

Try Jobo Free