Security Engineer, Insider Threat

Added
2 minutes ago
Type
Full time
Salary
Upgrade to Premium to se...

Related skills

splunk dlp ueba sentinelone microsoft purview
JobCopilot logo
Meet JobCopilot: Your Personal Al Job Hunter
Automatically Apply to Your Dream Jobs While You Sleep
Try it now β†’

πŸ“‹ Description

  • Develop insider threat detections using log analytics and behavior data.
  • Monitor data exfiltration, privilege misuse, and unusual user behavior.
  • Leverage SIEM (Splunk), endpoint telemetry (SentinelOne), and Purview.
  • Build detection logic for USB transfers, cloud uploads, mass file access.
  • Support risk scoring models and analytics refinements.
  • Conduct insider threat investigations using endpoint, identity, cloud, and collaboration telemetry.

🎯 Requirements

  • 2+ years in information security investigations, incident response, or SOC.
  • Experience with SIEM platforms (Splunk preferred).
  • Experience interpreting endpoint telemetry (SentinelOne preferred).
  • Experience with data governance or data loss prevention tools (Purview preferred).
  • Strong understanding of Windows, macOS, and enterprise auth systems.
  • Experience examining data exfiltration, privilege misuse, or compromise.
  • Ability to write and tune log queries for investigations.
  • Strong analytical and documentation skills.

🎁 Benefits

  • Paid time off
  • Retirement savings plans (401k, pension)
  • Bonus or incentive eligibility
  • Equity grants
  • Employee stock purchase plan
  • Competitive health benefits
  • Parental leave
Share job

Meet JobCopilot: Your Personal AI Job Hunter

Automatically Apply to Engineering Jobs. Just set your preferences and Job Copilot will do the rest β€” finding, filtering, and applying while you focus on what matters.

Related Engineering Jobs

See more Engineering jobs β†’