Back to jobs

Insider Threat Investigator

San Francisco, CA

Are you interested in joining an organization with a global reach? At Concentric, “We Manage Risk Everywhere to Keep People Safe.” If you are passionate about intelligence, risk analysis, threat management, executive protection, security operations, or business resiliency, Concentric may be the organization you’ve been searching for!

Concentric is a risk consultancy specializing in delivering strategic security and intelligence services. We provide holistic, intelligent security solutions for private clients and corporations globally. Concentric offers strategic advisory services, risk assessments, physical protection, threat intelligence, open-source monitoring, program audits, secure embedded staffing, and training for security teams and intelligence analysts.  

Our ultimate goal is to be recognized as the most innovative, capable, and trusted Risk Management partner in the world, and we do this by following these core values: 
 
Integrity – Collaboration - Relationships – Excellence – Creativity - Results  

We are currently looking to hire an Insider Threat Investigator to join our team (embedded with our client in San Francisco, CA)! This position allows for remote work arrangements within the United States. 

JOB DESCRIPTION: 

The Insider Threat Investigator will be responsible for conducting comprehensive investigations of internal threats to client operations while contributing to and protecting client culture and business interests. This role is to provide investigations, case management and other related security services to address internal threats to the client company. You will need to use hands-on investigations skills, critical thinking in cyber security, adaptive puzzle-solving, and strong communication skills with team members around the globe to prevent, disrupt, and mitigate complex security issues. You will balance your time between 70% investigative functions and 30% project management for remediation of vulnerability gaps.

RESPONSIBILITIES: 

  • Work complex security incidents with multiple stakeholders, including those without experience in the threat and intelligence fields 
  • Work with Security Analysts, utilizing law enforcement databases, social media platforms, and deep/dark web to investigate known and potential threats
  • Produce actionable and concise threat analysis products in a timely manner to inform cross-functional groups, executive managers, and enterprise-wide security operations
  • Manage Safety and Security team relationships with local law enforcement partners and other investigative, research, and intelligence groups and vendors
  • Coordinate and/or participate in data and/or equipment recovery efforts
  • Maintain communication with Client management regarding the status and completion of investigative products or operational decisions that affect performance or investigative standards
  • Conform with and abide by all regulations, policies, work procedures, and instructions
  • Identify, assess, and investigate insider risk incidents and behaviors of concern, providing mitigation recommendations for highly complex problems.
  • Develop and coordinate investigative plans using open-source intelligence and technical tools to gather and analyze evidence. 
  • Lead incident management coordination as an incident commander.
  • Conduct sensitive interviews with victims, witnesses, and persons of interest during investigations, both virtually and in person.
  • Document investigative results articulately, utilizing case management software to ensure accurate reporting, tracking, and documentation of workplace violence incidents and behaviors of concern throughout the incident's lifecycle. 
  • Participants and partners with stakeholders to identify new opportunities and solutions that will aid in mitigating insider risks.
  • Conduct comprehensive after-action reviews to identify and implement best practices and lessons learned. 
  • Develop and maintain relationships with multidisciplinary teams, including Talent, Employee Relations, Legal, Cybersecurity, and Technology teams, business leaders, and external partners.
  • Develop and refine associated policies, procedures, and other documentation that are in accordance with data privacy and legal requirements and expectations.
  • Provide program analytics and case management to enable the detection, identification, and assessment of concerning behaviors and develop strategies to mitigate risks identified.
  • Communicate complex insider risk threat issues in a way that is understandable to cross-functional partners who may have limited experience in the field.

REQUIRED QUALIFICATIONS:  

  • 8+ years of hands-on insider threat investigations experience in law enforcement, counterintelligence, or private sector industry equivalent. 
  • 4+ years experience in the Industry supporting insider risk mitigation and remediation; conducting complex coordination of projects and initiatives to close identified vulnerabilities with organizational leads and owners. 
  • Experience interviewing insider risk actors, witnesses, and impacted individuals.
  • High competency with industry standards of workplace investigations, employment legal considerations, and practices related to the confidentiality and integrity of information.
  • Experience in insider threat incident triage, coordinating cross-functional response,  and performing investigations across both digital and human domains.
  • Experience interviewing persons of interest and/or potential witnesses.
  • Experience supporting a comprehensive threat management program and direct experience conducting investigations, intelligence collection and analysis, and case management.
  • Extensive experience with utilizing open-source research, criminal background information, and other online investigative techniques.
  • Current member (or ability to become a member) of professional threat assessment organizations (i.e. Association of Threat Assessment Professionals).
  • Ability to work some non-traditional hours (e.g. nights, weekends, or holidays) and respond to emergent or time-sensitive situations.
  • Excellent written and oral communication skills, demonstrable during the interview process.
  • Bachelor’s degree preferred (years of experience may be substituted).
  • Must be highly adaptable and flexible.
  • Ability to build partnerships and work collaboratively and cross-functionally.
  • Ability to travel 10% of the time
  • Professional competency in Google suite of workspace applications and Macintosh OS.

PREFERRED QUALIFICATIONS: 

  • International experience/living abroad
  • Regional expertise in Latin America, Asia, Europe, or Middle East
  • Language skills
  • Data analysis
  • Planning and policy drafting
  • Training and Exercise experience
  • Experience incident commander

COMPENSATION & BENEFITS 

  • 100% Employer paid medical, dental, and vision benefits
  • Medical selection of PPO or HDHP, including HSA employer contribution
  • Medical FSA
  • Dependent Care FSA 
  • Employer-paid insurance: life, STD, LTD, and AD&D 
  • 401k including employer match & immediate vesting
  • 11 paid holidays 
  • Paid leave (vacation, sick, parental) 
  • Annual Health & Wellness Benefit
  • Generous Fertility/Adoption benefit
  • National discount employee program
  • Employee Assistance Program for personal needs
  • Access to Learning Management System

San Francisco, California Pay Range

$140,000 - $150,000 USD

Concentric acknowledges the systemic barriers in the security industry and recognizes that removing those barriers will require a collaborative and conscious effort. Concentric is committed to programs and initiatives around diversity, equity, and inclusion that better our organization and our greater community. We are creating a diverse environment and are proud to be an equal opportunity employer. We encourage people from all backgrounds to apply. All qualified applicants will receive consideration for employment regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. 

Concentric Advisors is committed to protecting the privacy and security of all applicants who submit personal information to us. You can access our GDPR and CCPA policy by clicking the GDPR button at the bottom of our career page. 

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


Education

Select...
Select...
Select...

Select...
Select...

Sponsorship

Select...
Select...

Languages Spoken 

Experience 

Select...

Travel 

Select...

Values 

Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Concentric Advisors ’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.