Welcome page Returning Candidate? Log in Insider Threat Analyst Job Locations US-TX-Westlake | US-CO-Lone Tree | US-AZ-Phoenix Requisition ID 2025-107307 Posted Date 1 day ago(1/29/2025 7:31 PM) Category Technology Salary Range USD $32.16 - $65.77 / Hour Application deadline 2/10/2025 Position Type Full time Your Opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

 

We are seeking an experienced Insider Threat Analyst to join our team and assist with the implementation of a new insider threat detection tool and build a robust insider threat operations program from the ground up. This role is critical to enhancing our organization’s ability to identify, assess, and mitigate insider risks, including data loss, intellectual property theft, and malicious activities.

 

As an Insider Threat Analyst, you will be responsible for monitoring tool deployment and configuration, program development, cross-functional collaboration, and the operationalization of insider threat detection and response capabilities.

 

This position is a unique opportunity to shape and enhance the maturity of our insider threat program by leveraging advanced analytics and incident response best practices.

 

The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days.

What you have

Key Competencies:

Strong analytical and critical thinking skills.Detail-oriented, self-driven, and capable of working independently in a fast-paced environment.Competent in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results, and analyzing findings to provide viable threat intelligence.

Required qualifications:

Bachelor’s degree in cybersecurity, information technology, or a related field; advanced degree preferred.Minimum of 3 years of experience in cybersecurity, with a focus on insider threat analysis.Strong understanding of UEBA tools and technology, digital forensics, and data loss prevention (DLP) strategies.Experience with analytical problem solving and familiar with conducting investigations.Experience developing policies, procedures, and workflows for insider threat management.Familiarity with SIEM platforms, data analytics tools, and insider threat indicators and detection methods.Experience with scripting and automation (e.g., BigQuery, Python, PowerShell) is a plus.

Preferred qualifications:

Relevant certifications such as CISSP, CISM, CISA, GIAC, or insider threat-specific credentials (e.g., Certified Insider Threat Program Manager).Knowledge of legal and regulatory requirements surrounding insider threat and data protection (e.g., GDPR, CCPA, etc.).

What you'll do:

 

You are discreet, thoughtful, and seek to coordinate systemic, cross functional solutions to mitigate risk. You are familiar with Insider Threat technologies (such as User Entity Behavioral Analytics - UEBA, Security Information Event Management - SIEM, Data Loss Prevention - DLP) and understand investigations and/or the intelligence cycle.

 

Key Responsibilities:

Threat Detection and Analysis:

Monitor user and entity behavior analytics to identify suspicious activities and policy violations.Conduct in-depth investigations into insider threat incidents, working closely with cybersecurity, HR, and legal teams.Decipher underlying trends or uncover anomalies and discern obscure patterns and attributes.Refine detection capabilities by creating and optimizing rules, alerts, and risk scoring models.

Incident Response:

Support the investigation and resolution of insider threat incidents, ensuring thorough documentation and root-cause analysis.Execute response playbooks for various insider threat scenarios and assist in developing and maintaining additional playbooks/runbooks as needed.

Program Development:

Contribute to the development of policies, processes, and workflows for detecting, investigating, and mitigating insider threats.Recommend metrics and reporting enhancements to measure the effectiveness of the program.

Tool Deployment:

Participate in the configuration of a new insider threat detection tool.Ensure seamless integration with existing security systems, such as SIEM and SOAR solutions.Collaborate with vendors and IT teams to customize the tool for organization-specific use cases.

In addition to the salary range, this position is also eligible for bonus or incentive opportunities 

 

Options Apply for this jobApplyShareRefer a friendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed Why work for us?

Own Your Tomorrow embodies everything we do! We are committed to helping our employees ignite their potential and achieve their dreams. Our employees get to play a central role in reinventing a multi-trillion-dollar industry, creating a better, more modern way to build and manage wealth.

 

Benefits: A competitive and flexible package designed to empower you for today and tomorrow. We offer a competitive and flexible package designed to help you make the most of your life at work and at home—today and in the future.   Application FAQs

Software Powered by iCIMS
www.icims.com