We are seeking an Cyber Investigations Analyst to support Insider Threat detection, investigation, and response to activities focused on technical and behavioral insider risk. This role will conduct end-to-end investigations including triage, evidence collection, timeline development, and documentation aligned to investigation standards. The analyst will perform hypothesis-driven threat hunting and analysis using SIEM and enterprise telemetry, with a strong understanding of SOC operations, log analysis, and core networking concepts. (TCP/IP, DNS, HTTP/S) The role requires knowledge of insider threat categories such as IP theft, fraud, sabotage, espionage, and unintentional risk, including accidental disclosure. The analyst will identity behavioral indicators of risk, support cross-functional response workflows, and contribute to governed documentation, metrics, and reporting.
Ideal candidates will have experience working in SAC's. Cybersecurity background is a plus as well as investigative work. 3-5 years of experience. Expected to work in Reston 3 times a week.
