Lead Cybersecurity – Insider Risk Analyst (Dallas)
Job ID: 112022
Location: Dallas, Texas [On-Site]
Category: Infrastructure
Employment Type: Contract
Date Added: 02/09/2026
Position Summary:
We are seeking a seasoned Lead Cybersecurity Insider Risk Analyst to spearhead our high-priority incident response efforts and advance our insider threat detection capabilities. In this strategic role based in Dallas, you will lead investigations into complex security incidents, develop and deploy innovative detection strategies, and collaborate across teams to strengthen our security posture. This position offers a unique opportunity to influence threat prevention initiatives, mentor a talented team, and communicate vital security insights to executive leadership.
Key Responsibilities:
- Incident Leadership & Investigation: Serve as the primary handler for escalated cybersecurity incidents, managing all phases from detection to remediation. Lead technical investigations across multiple platforms, ensuring thorough analysis and swift resolution.
- Threat Detection & Prevention: Develop, refine, and implement advanced detection rules and behavioral analytics to proactively identify emerging insider threats and suspicious activities.
- Process Enhancement: Drive continuous improvement of incident response processes, collaborating with cross-functional teams to adapt to evolving attack techniques.
- Threat Intelligence & Micro-Hunts: Conduct targeted threat hunts and contribute to actionable intelligence reports, uncovering vulnerabilities and malicious behaviors before escalation.
- Mentorship & Training: Provide technical guidance and mentorship to incident response team members, fostering skill development and knowledge sharing.
- Documentation & Reporting: Prepare detailed incident reports and communicate findings clearly to technical teams and executive leadership, ensuring timely and effective decision-making.
- Collaboration & Exercise Planning: Support tabletop exercises, scenario development, and internal drills to enhance organizational readiness and response capabilities.
Technical Expertise & Requirements:
- Experience: 4+ years in Incident Response, Security Operations, or related cybersecurity roles, with hands-on experience managing escalated incidents.
- Tools & Technologies: Proficiency with incident management systems, host/network analysis tools, threat intelligence platforms (e.g., Splunk), Endpoint Detection and Response (EDR), and cloud security environments.
- Analysis & Detection: Strong skills in analyzing vulnerabilities, malware, exploits, and attack vectors across Windows, macOS, Linux, and cloud platforms.
- Threat Hunting: Ability to craft and execute proactive threat hunts, leveraging scripting (Python, PowerShell, Bash), anomaly detection, and data analysis.
- Networking & Protocols: Deep understanding of enterprise infrastructure, VPNs, cloud connectivity, and essential networking protocols.
- Attack Frameworks: Familiarity with attack lifecycle models, MITRE ATT&CK, and security best practices in incident handling.
- Automation & Scripting: Ability to develop automation scripts to improve detection and response workflows.
- Collaboration: Work effectively with threat intelligence teams, security engineers, and business units to implement security enhancements.
Qualifications:
- 4+ years of professional cybersecurity experience focused on incident response and insider threat detection.
- Demonstrated success in managing complex, escalated security incidents.
- Strong technical background with expertise in host and network analysis, cloud security, and malware reverse engineering.
- Excellent problem-solving, analytical thinking, and communication skills.
- Proven ability to mentor and develop team members, fostering a collaborative environment.
