The primary focus of this role is to lead and supervise Digital Security Investigations related to insider threats, ensuring adherence to established processes and governance. Specifically, the role involves reviewing and escalating findings within the case management system, stakeholders, and to upper management. Additionally, the position involves deploying, maintaining, and fine-tuning countermeasures in response to evolving digital security investigations insider threat tactics, techniques, and procedures (TTPs).

Required Education/Experience- Bachelor's Degree and eight (8) years of experience Relevant to intelligence, counterintelligence, counterterrorism, law enforcement, national security, or cyber security. or

• Master's Degree and six (6) years of experience Relevant to intelligence, counterintelligence, counterterrorism, law enforcement, national security, or cyber security.

Relevant Work Experience- Excellent computer skills, with proficiency in Microsoft Outlook, Excel, Word, PowerPoint, and TEAMS applications, is required.

• Ability to compile data into presentations and reports for executive management, is required.
• Excellent verbal and written communication skills is required.
• Must have strong analytical, technical, and interpersonal skills, is required.
• Understanding of crisis/security response operations and supporting technologies and processes, is required.
• Prior experience as an intelligence analyst, or similar position, with a private company, military, intelligence agency, and/or law enforcement agency, is required.
• A strong background in two, or more, of the following fields: digital forensics, protective intelligence, executive protection, critical infrastructure protection, investigations, threat management, or cyber security, is required.
• Possess and maintain eligibility for a U.S. government security clearance at the Secret level or higher within one year of employment, is required.
• Basic knowledge of operating systems, networking, IT hardware, and virtualized environments, is preferred.
• Have familiarity with DFIR tools for preservation and analysis, is preferred.
• Experience working with companies, law enforcement, military, and/or security services outside the United States, is preferred.
• Understanding of behavior-based analytical functions, is preferred.
• Understanding of enterprise risk management or Sarbanes-Oxley Act requirements, is required.
• 20 years of experience in Law Enforcement/Intelligence Community, is required.

Licenses and Certifications- Driver's License Required

• Other: Insider Threat Certification: Analyst, Program Manager, Vulnerability Assessor, Program Evaluator, Counter-Insider Threat Professional, or similar. Preferred
• Other: GIAC (or equivalent) Certification: Digital Forensics, Security Essentials, Information Security Professional, or similar. Preferred

Additional Physical Demands- The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.

Core Responsibilities- Manage the Insider threat technology suite and conduct analysis to identify threats and patterns of behavior.

• Provide expertise in internal risk and threat analysis to enhance decision-making in various scenarios.
• Investigate and document issues related to computer misuse, policy violations, counterintelligence concerns, foreign influence, financial stressors, and insider threats.
• Assist investigations by analyzing logs, digital evidence, interview reports, and results of media exploitation.
• Utilize Network and Host-based tools to detect potential threats and unauthorized activity within IT and OT (Operational Technology) environments
• Identify unusual employee behavior using various databases, datastores, and security appliances to identify potential risks.
• Assist with investigations and inquiries related to insider threats, employee misconduct, and legal violations.
• Conduct liaison with local, state, and federal agencies.
• Report findings to company management and stakeholders.
• Ensure compliance with company and regulatory policies supporting Insider Risk efforts.
• Provide direct supervision and leadership to members of the Digital Security Investigations team, including work assignment, case prioritization, quality review of investigative products, and daytoday operational oversight.
• Mentor, coach, and develop direct reports through performance feedback, skills development, training recommendations, and guidance on investigative methodologies, tools, and compliance requirements.
• Oversee team performance and accountability, ensuring investigative activities meet established standards, timelines, and governance requirements while escalating personnel, resource, or risk issues to senior leadership as appropriate.