Insider Threat Monitoring Lead
About The Position
This position is contingent upon contract award SOSi is seeking highly qualified Insider Threat Monitoring Lead to support a DHS enterprise cybersecurity program providing 24/7 Security Operations Center (SOC) services. These roles deliver leadership, operational oversight, and technical expertise across cyber defense, incident response, intelligence, engineering, and modernization activities. Job Description Leads insider-threat detection and user activity monitoring; integrates behavioral analytics and investigative workflows to identify and mitigate internal risks to CBP systems and data.
Requirements
- 8+ years supporting insider threat, user activity monitoring, or behavioral analytics in SOC or CI environments.
- Insider-threat platforms, UEBA, SIEM, DLP, EDR, and case management systems.
- CISSP is required.
- TS, SCI-eligible.
Nice To Haves
- GCIH, GCFA, or insider-threat–related certification preferred.
Responsibilities
- Conduct user activity monitoring and behavioral analysis to detect insider threats.
- Correlate endpoint, network, and identity data to identify anomalous behavior.
- Support investigative workflows in coordination with forensics, CI, and OPR stakeholders.
- Develop insider-threat dashboards, alerts, and analytic use cases.
- Provide reporting and briefings on insider-threat trends and incidents.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
