Cybersecurity Engineer (Insider Threat)
Philadelphia, PA
Job Id: 153307
Job Category:
Job Location: Philadelphia, PA
Security Clearance: No Clearance
Business Unit: Piper Companies
Division: Piper Enterprise Solutions
Position Owner: Kiersten Schaefer
Piper Companies is currently seeking a Cybersecurity Engineer (Insider Threat) for a global healthcare solutions organization. This is a direct hire/FTE role. Occasional on-site work will be required in either the Dallas-Fort Worth metro area or Philadelphia, PA.
Responsibilities
- Lead in-depth investigations into potential insider activity such as data exfiltration, system misuse, fraud, or policy violations.
- Leverage behavioral analytics, user telemetry, and system logs to detect and assess anomalous or high-risk behavior.
- Ensure proper evidence handling and documentation in compliance with legal, regulatory, and corporate standards.
- Design, implement, and enhance insider threat detection use cases, workflows, and response playbooks.
- Partner with Human Resources, Legal, Compliance, and Corporate Security to coordinate sensitive investigative efforts and ensure appropriate outcomes.
- Prepare detailed investigation reports and present findings to technical leadership and business stakeholders.
- Serve as an escalation resource for junior analysts, providing mentorship and technical guidance on investigations and monitoring techniques.
- Contribute to awareness and prevention programs by sharing technical expertise and supporting training initiatives.
- Maintain up-to-date knowledge of emerging insider threat tactics, behavioral analytics approaches, and relevant detection technologies.
Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Behavioral Science, Criminal Justice, or related field (Master’s preferred), or equivalent professional experience.
- 5–7 years of progressive experience in cybersecurity, investigations, or risk management, including at least 3 years focused on insider threat detection or analysis.
- Strong understanding of insider threat frameworks, behavioral analytics, and investigative best practices.
- Experience using insider threat monitoring and behavioral analytics platforms, as well as log aggregation and forensic tools.
- Familiarity with privacy and compliance standards such as GDPR, HIPAA, SOX, or CCPA.
- Demonstrated success collaborating with HR, Legal, and Corporate Security on complex investigations.
- Preferred Certifications: CITPM, CITVA, GCTI, CISSP, or equivalent credentials in insider threat, behavioral analytics, or digital forensics.
Compensation:
- Salary: $110,000 - $150,000 annual base salary plus bonus (depending on experience)
- Comprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave if required by law
This job opens for applications on 10/29/25. Applications for this job will be accepted for at least 30 days from the posting date.