Full-Time Detection Engineering Lead

This is an exciting opportunity for a technically strong cybersecurity professional looking to take the next step into a leadership role. As Detection Engineering Lead (Insider risk), you will play a central role in helping define and build a scalable insider risk management program from the ground up.

You’ll bring your hands-on experience in incident response, threat detection, and forensic analysis to lead investigations and develop processes for detecting and responding to insider threats. This role is ideal for someone ready to expand their scope beyond technical execution and start owning strategy, process design, and stakeholder collaboration.

You’ll work closely with cross-functional teams—including HR, Legal, Cybersecurity, and Technology—to assess insider risks, manage cases, and implement mitigation strategies. You’ll also have the chance to mentor junior analysts, shape tooling and workflows, and grow your leadership skills while making a real impact.

Essential Duties and Responsibilities

1. Building a well-structured, resilient insider threat program that aligns with business goals and security standards.
2. Developing and maintaining effective automations, workflows, tools, and processes that enable the team to detect and respond to high-risk insider activities.
3. Working closely with cross-functional teams to ensure insider risks are accurately classified, reported, and resolved.
4. Serving as a reliable point of contact for insider risk matters, fostering a collaborative, organization-wide approach.
5. Implementing and overseeing monitoring systems to surface behavioral anomalies, enabling early identification of suspicious insider activities.
6. Working with awareness teams to identify emerging threat tactics and promote behaviors that reduce the risk of data loss or misuse.
7. Breaking down complex security challenges into clear, understandable messages for leaders across the organization.
8. Coordinating with Business Units, Security Operations, HR, Legal, and Compliance teams to address insider risks holistically and efficiently.
9. Creating and maintaining meaningful use cases in UEBA and monitoring tools for early detection and prioritization of risky behaviors.
10. Defining relevant metrics and KPIs to help senior leadership understand program health and progress.
11. Elevating the team’s detection capabilities by refining rules, analytics, and detection logic.
12. Aligning the insider risk program roadmap with organizational priorities.
13. Identifying and scoping insider risks through detailed analysis, evidence collection, and sound judgment.
14. Monitoring unauthorized activities while maintaining strict adherence to legal and privacy guidelines.
15. Evaluating and refining behavioral detection models to stay ahead of shifting insider threat patterns.
16. Producing intelligence reports that synthesize diverse data points into actionable insights.
17. Aligning team projects and goals with the broader organizational strategy.
18. Mentoring junior analysts, building a strong team culture.

Required Skills and Experience

• 5+ years of experience in information security
• 2+ years of experience leading or significantly contributing to an insider threat management program
• Experience conducting end-to-end investigations
• Strong understanding of cybersecurity principles, digital forensics, behavioral analytics, and network security
• Expertise in insider threat detection tools and technologies (UEBA, SIEM, DLP, EDR)
• Proficiency in scripting and automation
• Familiarity with cloud security principles
• Proven ability to develop and implement insider threat detection strategies
• Excellent analytical, problem-solving, and decision-making skills
• Exceptional communication and interpersonal skills

What is the last date for applying to the job?

Which countries are accepted for this remote job?