ABOUT THE TEAM
The Insider Threat team at Anduril operates at the intersection of cutting-edge technology and proactive security. Focused on safeguarding our mission, people, and innovations, this team takes a strategic approach to insider threat detection, counterintelligence, and risk mitigation. By leveraging technical expertise, advanced tools, and cross-functional collaboration, we stay ahead of emerging threats and ensure Anduril remains secure in a rapidly evolving landscape.
ABOUT THE JOB
Anduril's Insider Threat team is looking for a Staff Security Analyst to protect our organization from internal security threats. This analyst will be a critical part of analyzing anomalous activities, running investigations, and working across various departments to mitigate risks. This role will be a key stakeholder within the Anduril Information Security team implementing forward-leaning, innovative insider threat & counterintelligence detections and mitigations.
WHAT YOU'LL DO
- Serve Anduril as our incident commander by identifying, triaging, investigating, and remediating Insider Threat related security detections and anomalies.
- Own Insider Threat investigations from end to end.
- Lead the evaluation and implementation of controls to reduce Anduril's attack surface from an insider threat.
- Produce metrics to support and streamline incident response and investigations.
- Provide strategic vision for hunting and identifying insider threats.
- Partner closely with cross-functional stakeholders, including HR and Legal, providing technical expertise and evidence to support investigations.
- Translate complex technical security issues into clear, actionable insights for non-technical stakeholders.
- Work alongside other members of the team to build custom tooling to automate manual processes.
REQUIRED QUALIFICATIONS
- Action-oriented analyst with the ability to work autonomously and take ownership of complex projects.
- Experience conducting data analysis in large-scale data lake environments.
- Knowledge of modern adversary tradecraft and mitigating controls.
- Proven experience in insider threat investigations, digital forensics, and incident response.
- Experience with Endpoint Detection and Response (EDR) tools, Data Loss Prevention (DLP), and other telemetry sources.
- Excellent analytical skills, capable of interpreting complex data and deriving actionable insights.
- Serves as a technical mentor and force multiplier for the team, building analyst proficiency in investigation ownership, incident commanding, and insider threat tradecraft.
- Eligible to obtain and maintain an active U.S. Top Secret security clearance.
PREFERRED QUALIFICATIONS
- Experience in one or more general-purpose languages (Python, Go, etc.) and familiarity with one or more infrastructure-as-code languages (e.g., Terraform, AWS CDK) in a production capacity.
- Experience building controls around export-controlled information, CUI, and other sensitive data.
- Understanding of counterintelligence concepts and their application in security operations, particularly for identifying and addressing insider threats.
- Bachelor's degree in Information Systems, Information Security, Cyber Security, Computer Science, or Computer Engineering and 10+ years of security analyst experience; or 12+ years of security analyst experience without a degree.