Insider Threat Engineer

Cybersecurity Insider Threat Analyst Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success. Work You'll Do Support day-to-day insider risk operations with a primary focus on Data Loss Prevention (DLP) configuration, monitoring, tuning, and reporting. This role helps operationalize data exfiltration detection, ensures rules/policies are working as intended, and contributes to dashboards, workflows, and metrics. Assist in maturing an Insider Threat operational support program, including the development of playbooks and workflows for monitoring against potential insider risks Implement federal government and industry standards and best practices regarding insider threat programs, including development and maintenance of programmatic gap analyses and implementation roadmaps Optimize current tools used for the Insider Threat program and make recommendations on industry best practices Administer Insider Risk Toolset to include DLP, UEBA, SIEM Develop and maintain a convergence model for insider threat mitigation that reduces risk to client's personnel and assets, both overall and within the client's regional operating divisions Develop and expand situational playbooks that leverage client's automated capabilities Leverage industry-leading interpersonal skills to coordinate with client's business and technology leaders to develop and maintain programmatic solutions to insider threats Lead and assist in the investigation of all incidents involving insider threats Develop presentations and reports for management, clearly communicating findings and recommendations Qualifications Required Bachelor's degree required. Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future. Ability to maintain the required clearance. 5+ years of experience within the following: Configuring and administering security tools Experience with Linux Operating Systems Proficiency with security tools such as Splunk, SIEM, DLP, EDR, Microsoft 365 Knowledge of Data Loss Prevention (DLP) tools and strategies

Created: 2026-03-09