Graystone Group
Insider Threat Analyst
Graystone Group | United Kingdom | 9 hours ago
Full-time | Analyst

About the Opportunity

Graystone Group is supporting a leading cybersecurity organization in identifying an experienced Insider Risk Analyst to strengthen their enterprise Insider Risk Program. This role is ideal for a professional who thrives at the intersection of cybersecurity, behavioral analysis, and risk management, helping protect critical data and assets while maintaining an ethical and balanced approach to employee monitoring and organizational culture.

You’ll join a collaborative cyber team dedicated to detecting, investigating, and mitigating risks posed by malicious, negligent, or compromised insiders, driving maturity in insider threat detection and response capabilities.


Key Responsibilities

Threat Detection & Analysis

  • Monitor, investigate, and analyze insider-related alerts and activities across multiple platforms (SIEM, DLP, UEBA, EDR).
  • Identify anomalies, behavioral patterns, and activity trends indicative of insider threat (e.g., data exfiltration, privilege misuse, sabotage).
  • Conduct behavioral risk assessments by correlating technical telemetry with contextual data.

Investigations & Response

  • Lead and document insider risk investigations from triage through closure, ensuring adherence to internal policies and legal standards.
  • Partner with HR, Legal, Compliance, and IT to address sensitive cases in a confidential, policy-aligned manner.
  • Recommend technical controls, process improvements, or policy adjustments to mitigate risk exposure.

Program Development & Continuous Improvement

  • Support the design, refinement, and documentation of the Insider Risk Program, including playbooks, escalation workflows, and performance metrics.
  • Contribute to insider threat simulations, red team / blue team exercises, and lessons-learned reviews.
  • Stay current on regulatory requirements, emerging threat vectors, and best practices in insider risk management.

Stakeholder Engagement

  • Produce concise, actionable reports and present findings to executive and operational leadership.
  • Champion an organizational culture that balances security vigilance with respect for privacy and trust.


Required Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, Criminology, Behavioral Science, or related discipline (or equivalent experience).
  • 3+ years of experience in cybersecurity operations, insider threat programs, SOC environments, or investigative analysis.
  • Hands-on experience with insider risk tools and technologies (SIEM, DLP, UEBA, EDR, SOAR).
  • Deep understanding of data protection, security operations, and incident response principles.
  • Exceptional analytical, investigative, and written communication skills.


Preferred Qualifications

  • Experience supporting enterprise or government insider threat programs.
  • Knowledge of behavioral indicators and Critical Pathway to Insider Risk concepts.
  • Certifications such as ITPM, CISSP, CySA+, or GCIH.
  • Understanding of privacy frameworks (GDPR, HIPAA, SOX) and their impact on insider monitoring.
  • Prior collaboration with HR, Legal, and Compliance in cross-functional investigations.


Soft Skills & Attributes

  • High degree of integrity, discretion, and professionalism when handling sensitive data.
  • Objective, composed, and ethical approach to investigations involving confidential matters.
  • Strong interpersonal and influencing skills to build trust with business stakeholders.
  • Curious, analytical mindset with a proactive, problem-solving orientation.
  • Adaptable and resilient in a dynamic, fast-evolving security landscape.
