Insider Investigations Analyst (Remote)
CrowdstrikeSalary not specified
Full Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Financial Services, BankingIndustries
Requirements
- 5+ years of experience in cybersecurity, preferably in Insider Threat, Digital Forensics, Threat hunting, or incident response
- Proficiency in writing and tuning detection logic in SIEM platforms (e.g., Splunk, Sentinel, Elastic)
- Strong understanding of cybersecurity principles, including SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions
- Strong technical background in log analysis, data correlation, and behavioral analytics
- Working knowledge of the MITRE ATT&CK framework
- Excellent problem-solving skills and attention to detail
Responsibilities
- Conduct proactive threat hunts focused on potential insider threats using endpoint, network and cloud log data
- Develop and refine insider threat detection use cases
- Create and deploy insider focused threat detection rules
- Recommend improvements to insider monitoring, alerting and automation
- Collaborate with cross-functional teams on insider risk scenarios
- Stay informed on the latest insider threat trends, tactics and techniques
Skills
Splunk
Sentinel
Elastic
SIEM
IDS/IPS
Threat Hunting
Digital Forensics
Incident Response
Endpoint Detection
Network Logs
Cloud Logs
Insider Threat Detection
Northern Trust
About Northern Trust
N/AHeadquarters
N/AYear Founded
N/ACompany Stage