Position Overview
The Insider Threat Cybersecurity Specialist plays a critical role in identifying, investigating, and mitigating insider threats across the environment. This role combines technical expertise in threat detection and behavioral analytics with strategic collaboration across security, HR, legal, and compliance teams. The ideal candidate will have a strong background in SIEM/EDR tools, data loss prevention, and insider threat frameworks, and will contribute to the continuous improvement of our Insider Threat Program.
Key Responsibilities
Monitor and analyze user activity for anomalous behavior using SIEM, EDR, and UEBA tools.
Develop and tune detection rules and alerts in platforms like Splunk and Microsoft Sentinel to identify insider threats and privileged account misuse.
Lead or support investigations into insider threat incidents, collaborating with HR, legal, and SOC teams to ensure due process and policy alignment.
Integrate endpoint telemetry and DLP controls to reduce unauthorized data transfers and improve visibility across cloud and on-prem environments.
Conduct behavioral analysis and threat hunting using IOCs, TTPs, and threat intelligence feeds.
Perform vulnerability assessments and risk analysis on high-value systems and personnel.
Support compliance with NIST 800-53, DFARS, CMMC, and other regulatory frameworks.
Engineer and maintain cybersecurity controls across IT infrastructure, including firewalls, IDS/IPS, and cloud security tools.
Contribute to tabletop exercises, incident response planning, and post-incident reviews.
Create and deliver insider threat awareness training tailored to technical and non-technical audiences.
Required Qualifications
Active Secret clearance or higher.
5+ years of experience in cybersecurity operations, with at least 2 years focused on insider threat detection or behavioral analytics.
Proficiency with SIEM tools (e.g., Splunk, Sentinel), EDR platforms (e.g., CrowdStrike, SentinelOne), and DLP solutions.
Experience with insider threat tools (e.g., Code42, DTEX, UEBA platforms).
Familiarity with NIST, DFARS, CMMC, and insider threat program frameworks (e.g., NISPOM, EO 13587).
Strong understanding of incident response, threat hunting, and vulnerability management.
Excellent communication skills and experience working cross-functionally with HR, legal, and compliance teams.
One or more relevant certifications: CISSP, GCED, GCIH, GCFA, CEH, CySA+, or equivalent.
Preferred Qualifications
Experience with cloud security monitoring in Azure and O365 environments.
Experience integrating behavioral analytics into SIEM workflows.
Experience conducting tabletop exercises and developing IR playbooks.
Master's degree in Cybersecurity, Information Security, or related field.
Date Posted: 12 June 2025