Insider Threat Tech Lead (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Insider Threat Tech Lead (Cybersecurity): Leading the technical strategy for the Insider Threat program, including digital investigations, threat hunting, and the development of advanced detection capabilities with an accent on cross-functional collaboration with Legal, HR, and Privacy teams. Focus on building robust security playbooks, automating threat analysis, and ensuring compliance with legal and ethical standards in a high-scale environment.
Location: Must be based in or able to work from Austin, TX (Hybrid)
Company
is a global leader in Internet security and performance, protecting millions of websites and applications through its intelligent, AI-native network.
What you will do
- Lead complex technical investigations into potential insider threats, including data exfiltration and unauthorized access.
- Proactively hunt for malicious insider activity using SIEM, EDR, and UEBA data sources.
- Design and implement new detection rules, alerts, and response playbooks to mature the security program.
- Collaborate with Legal, HR, and Privacy teams to ensure investigations meet regulatory and ethical standards.
- Document investigative findings and present technical insights to senior leadership.
- Automate security tasks and analyze large datasets using Python or PowerShell.
Requirements
- 5+ years of experience in a technical security role, with at least 2+ years in insider threat, digital forensics, or security investigations.
- Proven experience leading complex investigations using forensic tools like EnCase, FTK, or X-Ways.
- Deep technical knowledge of SIEM (Splunk, Elastic), EDR (CrowdStrike, SentinelOne), and UEBA.
- Strong scripting skills in Python or PowerShell for automation and data analysis.
- Experience working with legal and HR teams on sensitive employee-related matters.
- Must be authorized to work in the U.S. without sponsorship for export-controlled technology.
Nice to have
- Certifications such as GCIH, GCFA, or GCTI.
- Experience with cloud-based security investigations (AWS, GCP, Azure).
- Knowledge of data privacy frameworks like GDPR or CCPA.
Culture & Benefits
- Mission-driven culture focused on building a better, more secure Internet.
- Commitment to diversity, inclusion, and equal opportunity employment.
- Opportunities to work on high-impact projects like Project Galileo and the Athenian Project.
- Supportive environment that values curiosity, iteration, and AI-driven problem solving.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →