Lead Insider Threat Analyst

Company: UKG
Location: Weston
Posted on: March 6, 2025

Job Description:

Company OverviewWith 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on.At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all.Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose - a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you're passionate about our purpose - people -then we can't wait to support whatever gives you purpose. We're united by purpose, inspired by you.Job SummaryAs a Lead Insider Threat Analyst within UKG's Cyber Defense Fusion Center, you will support the ongoing development and execution of our Insider Prevent Program within a dynamic, multi-national technology environment. Your primary mission will be to identify, analyze, and mitigate risks posed by insider threats, ensuring the protection of our critical assets and sensitive information. You will collaborate with cross-functional teams, including Information Technology, HR, Legal, Risk and Compliance, to develop robust countermeasures and response strategies. Leveraging your expertise in cyber counterintelligence and insider threat analysis, you will lead investigations, develop threat detection use cases, and provide actionable intelligence to inform decision-making at the highest levels.Responsibilities:

• Respond to insider threat investigations, ensuring that the appropriate organizational partners are involved, and leverage the necessary technical skillsets within our security department, including your own, to appropriately collect, process, and analyze evidence, conduct follow on research, and ultimately present your findings to the necessary stakeholders to resolve the investigation.
• Coordinate with our Detection Engineering and Security Operations Center teams to develop user activity monitoring triggers and behavioral indicators, leading to the creation of insider-related data classifications and tagging, UEBA-based detections, and DLP policies. Support monitoring and response for any resultant alerts.
• Work with our Director of Intelligence to mature and manage the Insider Prevent program, including developing and maintaining policies and procedures related to insider threat detection, investigation, and mitigation, as well as establishing and tracking KPIs to measure the effectiveness of the Insider Prevent program.
• Based on program metrics, work with our Security Business Operations team to design and deliver training programs to educate employees about insider threats and promote security awareness.
• Create products for stakeholders that identify and forecast major insider threats targeting UKG users or infrastructure, identify insider actor characteristics, patterns, and trends, or present best practices and lessons learned from past investigations.About You:Basic Qualifications:
  • Bachelor's Degree or equivalent of six (6) years of professional experience.
  • 5-7 years of relevant experience in insider threat analysis, cyber counterintelligence, information security, or threat intelligence.
  • 3-5 years focused on insider threat programs, including detection and mitigation strategies.Preferred Qualifications:
    • Expertise in insider threat and counterintelligence investigations, tools, and detection methods.
    • Familiarity with UEBA tools (e.g., Splunk UBA, Exabeam) and Microsoft Purview.
    • Understanding of security controls and application deployment.
    • Knowledge of analytic tradecraft and cybersecurity best practices.
    • Hands-on expertise in adversary emulation, defensive cyber operations, and cyber forensics.
    • Ability to identify threat actor TTPs and provide innovative solutions.
    • Strong analytical and critical thinking skills.
    • Experience in incident response and data exfiltration attempts.
    • Proficiency in querying large datasets using SQL.
    • Knowledge of behavioral analytics.
    • Excellent communication skills.
    • Leadership and mentoring abilities.
    • Experience in policy development and training programs.
    • Adaptability to evolving threats and proactive security measures.
      #J-18808-Ljbffr

Keywords: UKG, Fort Lauderdale , Lead Insider Threat Analyst, Professions , Weston, Florida