Insider Threat Analyst/Investigator

US - CA - Palo Alto


Are you prepared to join the X team and help build the ultimate real-time information-sharing app, revolutionizing how people connect? At X, we’re on a mission to become the trusted global digital public square, committed to protecting freedom of speech and building the future of unlimited interactivity. Our goal is to empower every user to freely create and share ideas, fostering open public discourse without barriers. Join us in shaping this thrilling journey where your contribution will be invaluable to our success!

  

Insider Threat Analyst/Investigator (All Levels)
Location: Palo Alto or San Jose
Salary Range (US locations only): $127,000 to $297,000 + Equity


Who We Are:

X serves our community of users and customers by working tirelessly to preserve free expression and choice, create limitless interactivity, and create a marketplace that enables the economic success of all its participants.

What You’ll Do:

The Insider Threat Analyst & Investigator will play a critical role in protecting X’s people, data, and systems. This position focuses on a holistic approach to identifying insider threats using behavior analytics with technology to detect incidents involving data misuse, unauthorized access, or other risks to the organization. You will need to have exceptional analytical and investigation skills, as well as expertise in identifying anonymous behavior. In addition to working alongside the rest of the InfoSec team, you will also interface closely with Legal, Human Resources, Compliance, Trust and Safety, and other stakeholders. The ideal candidate will have a strong background in cybersecurity, investigations, and risk management, with the ability to navigate the fast-paced, complex environment of a global technology company.

You Will:

  • Monitor and analyze internal systems, user behavior, and application logs to identify potential insider threats, including data exfiltration, intellectual property theft, and financial misconduct.

  • Conduct detailed investigations into suspicious activity, collaborating with cross-functional teams, including cybersecurity, legal, HR, and compliance, to gather evidence and determine root causes.

  • Leverage insider threat detection tools, such as Data Loss Prevention (DLP), User and Entity Behavior Analytics (UEBA), User Activity Monitoring (UAM), and Security Information and Event Management (SIEM) platforms, to proactively identify risks.

  • Support the development of risk assessments and contribute to mitigation strategies for insider threats.

  • Prepare clear and concise investigative reports and executive summaries to present findings, including timelines, root causes, and recommended actions.

  • Assist in developing and refining insider threat detection rules, workflows, and response processes to strengthen the program’s capabilities.

  • Stay informed on the latest insider threat tactics, tools, and techniques to ensure the organization remains ahead of emerging risks.

  • Ensure investigations align with legal, regulatory, and company policies, preserving evidence for potential legal or HR actions.

  • Participate in awareness and training programs to educate employees and leadership on insider risks and best practices for mitigation.


 

Who You Are:

You care about security and ensuring the safety of both the X workforce and the X platform. You are curious, comfortable digging into the details, have experience with the tools of the trade, and are eager to help others protect our data, systems, people, and facilities. Ideally, you have many of the following (but need not have all):

  • Minimum 4+ years conducting operations related to insider threats in a government or corporate environment.

  • Bachelor’s degree in Information Security, Cybersecurity, Digital Forensics, Psychology, Criminal Justice, or a related field or training.

  • Knowledge and experience with contemporary DLP/UAM/UEBA tools.

  • Familiarity with insider threat detection frameworks, behavioral analytics, and risk indicators, as well as security concepts like DLP, eDiscovery, Digital Forensics, and Incident Response.

  • Proficient understanding of insider threat tactics, techniques, and procedures with the knowledge of adversarial governments and threat actors. Bonus if you carry experience investigating crypto scams or experience in a financial environment.

  • Experience in intelligence, interviewing, investigations, and analysis.

  • Nice to have: Relevant certifications such as CFE, CISSP, GCFA, or similar.


 

If you thrive in a dynamic, high-growth tech environment and relish the opportunity to collaborate with passionate, driven over-achievers, your career with us here at X will be both exhilarating and fulfilling!


Tags: Analytics CISSP Compliance Crypto Forensics GCFA Incident response Monitoring Risk assessment Risk management SIEM Threat detection

Perks/benefits: Career development Equity / stock options Salary bonus Startup environment

Region: North America
Country: United States
