Insider Threat Analyst - Hybrid
Company: Charles Schwab
Location: Scottsdale
Posted on: June 24, 2025
Job Description:
Position Type: Regular

Your opportunity

At Schwab, you’re empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together.

We are seeking an experienced Insider Threat Analyst to join our team and assist with the implementation of a new insider threat detection tool and build a robust insider threat operations program from the ground up. This role is critical to enhancing our organization’s ability to identify, assess, and mitigate insider risks, including data loss, intellectual property theft, and malicious activities.

As an Insider Threat Analyst, you will be responsible for monitoring tool deployment and configuration, program development, cross-functional collaboration, and the operationalization of insider threat detection and response capabilities. This position is a unique opportunity to shape and enhance the maturity of our insider threat program by leveraging advanced analytics and incident response best practices.

The role offers a hybrid/flexible schedule, which means there’s an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days.

What you have

Key Competencies:
- Strong analytical and critical thinking skills.
- Detail-oriented, self-driven, and capable of working independently in a fast-paced environment.
- Competent in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results, and analyzing findings to provide viable threat intelligence.

Required qualifications:
- Bachelor’s degree in cybersecurity, information technology, or a related field; advanced degree preferred.
- Minimum of 3 years of experience in cybersecurity, with a focus on insider threat analysis.
- Strong understanding of UEBA tools and technology, digital forensics, and data loss prevention (DLP) strategies.
- Experience with analytical problem solving and familiar with conducting investigations.
- Experience developing policies, procedures, and workflows for insider threat management.
- Familiarity with SIEM platforms, data analytics tools, and insider threat indicators and detection methods.
- Experience with scripting and automation (e.g., BigQuery, Python, PowerShell) is a plus.

Preferred qualifications:
- Relevant certifications such as CISSP, CISM, CISA, GIAC, or insider threat-specific credentials (e.g., Certified Insider Threat Program Manager).
- Knowledge of legal and regulatory requirements surrounding insider threat and data protection (e.g., GDPR, CCPA, etc.).

What you'll do:

You are discreet, thoughtful, and seek to coordinate systemic, cross functional solutions to mitigate risk. You are familiar with Insider Threat technologies (such as User Entity Behavioral Analytics - UEBA, Security Information Event Management - SIEM, Data Loss Prevention - DLP) and understand investigations and/or the intelligence cycle.

Key Responsibilities:

Threat Detection and Analysis:
- Monitor user and entity behavior analytics to identify suspicious activities and policy violations.
- Conduct in-depth investigations into insider threat incidents, working closely with cybersecurity, HR, and legal teams.
- Decipher underlying trends or uncover anomalies and discern obscure patterns and attributes.
- Refine detection capabilities by creating and optimizing rules, alerts, and risk scoring models.

Incident Response:
- Support the investigation and resolution of insider threat incidents, ensuring thorough documentation and root-cause analysis.
- Execute response playbooks for various insider threat scenarios and assist in developing and maintaining additional playbooks/runbooks as needed.

Program Development:
- Contribute to the development of policies, processes, and workflows for detecting, investigating, and mitigating insider threats.
- Recommend metrics and reporting enhancements to measure the effectiveness of the program.

Tool Deployment:
- Participate in the configuration of a new insider threat detection tool.
- Ensure seamless integration with existing security systems, such as SIEM and SOAR solutions.
- Collaborate with vendors and IT teams to customize the tool for organization-specific use cases.

In addition to the salary range, this position is also eligible for bonus or incentive opportunities.

What’s in it for you

At Schwab, we’re committed to empowering our employees’ personal and professional success. Our purpose-driven, supportive culture, and focus on your development means you’ll get the tools you need to make a positive difference in the finance industry.

Our Hybrid Work and Flexibility approach balances our ongoing commitment to workplace flexibility, serving our clients, and our strong belief in the value of being together in person on a regular basis.

We offer a competitive benefits package that takes care of the whole you – both today and in the future:
- 401(k) with company match and Employee stock purchase plan
- Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
- Paid parental leave and family building benefits
- Tuition reimbursement
- Health, dental, and vision insurance