Insider Risk Analyst - Remote

Overview

Dragonfli Group is a cybersecurity and IT consulting firm headquartered in Washington, DC, delivering strategic solutions to government agencies and enterprise clients nationwide. We specialize in insider risk management, advanced threat detection, and AI/ML-driven security operations. Our teams operate in diverse work environments—including on-site, hybrid, and fully remote—on contracts ranging from several months to multiple years.

We are seeking an Insider Risk Analyst to lead and support investigations into potential insider threats, leveraging AI/ML technologies to detect anomalous activity, assess risk, and enhance organizational resilience. This role involves analyzing behavioral, contextual, and technical indicators to identify threats, developing and refining detection methods, and collaborating closely with internal and external partners to resolve incidents.

In Short

• Lead or support insider risk investigations, ensuring proper evidence preservation and forensic analysis.
• Use AI/ML-driven solutions to detect risky behaviors, block suspicious activities, and provide actionable mitigation strategies.
• Monitor and analyze user activity, system logs, network traffic, and endpoint alerts for potential insider threat indicators.
• Correlate data from UEBA, DLP, SIEM, and EDR platforms to detect anomalies and patterns.
• Develop and implement risk scoring models and threat analysis tools; refine alerts based on triage results and evolving threats.
• Work cross-functionally with CISO Operations, Legal, HR, Counterintelligence, and external law enforcement to address insider risk cases.
• Collect and analyze digital evidence, maintaining chain of custody and documenting findings.
• Create detailed reports, recommendations, and post-incident reviews to inform program improvements.

Requirements

• 3–5+ years of experience analyzing insider threat indicators, including user behavior, network activity, system logs, and data access patterns.
• Bachelor’s degree in computer science, information security, criminal justice, psychology, or related field.
• Proficiency with SIEM, UEBA, DLP, and forensic analysis tools.
• Hands-on experience with AI/ML models for anomaly detection, supervised/unsupervised learning, and risk scoring.
• Knowledge of incident response, digital forensics fundamentals, and insider threat regulations.
• Strong analytical skills to interpret large datasets, identify patterns, and correlate disparate security signals.
• Familiarity with legal, ethical, and privacy considerations in insider risk monitoring.
• Excellent written and verbal communication skills, with ability to brief leadership on findings.
• Graduate-level certification in Insider Risk Management preferred.

Benefits

• Insurance – health, dental, and vision
• Paid Time Off (PTO) and 11 Federal Holidays
• 401(k) employer match