Insider Threat Investigator

Are you interested in joining an organization with a global reach? At Concentric, “We Manage Risk Everywhere to Keep People Safe.” If you are passionate about intelligence, risk analysis, threat management, executive protection, security operations, or business resiliency, Concentric may be the organization you’ve been searching for!

Concentric is a risk consultancy specializing in delivering strategic security and intelligence services. We provide holistic, intelligent security solutions for private clients and corporations globally. Concentric offers strategic advisory services, risk assessments, physical protection, threat intelligence, open-source monitoring, program audits, secure embedded staffing, and training for security teams and intelligence analysts.  

Our ultimate goal is to be recognized as the most innovative, capable, and trusted Risk Management partner in the world, and we do this by following these core values: 
 
Integrity – Collaboration - Relationships – Excellence – Creativity - Results  

We are currently looking to hire an Insider Threat Investigator to join our team (embedded with our client in San Francisco, CA)! This position allows for remote work arrangements within the United States. 

JOB DESCRIPTION: 

The Insider Threat Investigator will be responsible for conducting comprehensive investigations of internal threats to client operations while contributing to and protecting client culture and business interests. This role is to provide investigations, case management and other related security services to address internal threats to the client company. You will need to use hands-on investigations skills, critical thinking in cyber security, adaptive puzzle-solving, and strong communication skills with team members around the globe to prevent, disrupt, and mitigate complex security issues. You will balance your time between 70% investigative functions and 30% project management for remediation of vulnerability gaps.

RESPONSIBILITIES: 

• Work complex security incidents with multiple stakeholders, including those without experience in the threat and intelligence fields 
• Work with Security Analysts, utilizing law enforcement databases, social media platforms, and deep/dark web to investigate known and potential threats
• Produce actionable and concise threat analysis products in a timely manner to inform cross-functional groups, executive managers, and enterprise-wide security operations
• Manage Safety and Security team relationships with local law enforcement partners and other investigative, research, and intelligence groups and vendors
• Coordinate and/or participate in data and/or equipment recovery efforts
• Maintain communication with Client management regarding the status and completion of investigative products or operational decisions that affect performance or investigative standards
• Conform with and abide by all regulations, policies, work procedures, and instructions
• Identify, assess, and investigate insider risk incidents and behaviors of concern, providing mitigation recommendations for highly complex problems.
• Develop and coordinate investigative plans using open-source intelligence and technical tools to gather and analyze evidence. 
• Lead incident management coordination as an incident commander.
• Conduct sensitive interviews with victims, witnesses, and persons of interest during investigations, both virtually and in person.
• Document investigative results articulately, utilizing case management software to ensure accurate reporting, tracking, and documentation of workplace violence incidents and behaviors of concern throughout the incident's lifecycle. 
• Participants and partners with stakeholders to identify new opportunities and solutions that will aid in mitigating insider risks.
• Conduct comprehensive after-action reviews to identify and implement best practices and lessons learned. 
• Develop and maintain relationships with multidisciplinary teams, including Talent, Employee Relations, Legal, Cybersecurity, and Technology teams, business leaders, and external partners.
• Develop and refine associated policies, procedures, and other documentation that are in accordance with data privacy and legal requirements and expectations.
• Provide program analytics and case management to enable the detection, identification, and assessment of concerning behaviors and develop strategies to mitigate risks identified.
• Communicate complex insider risk threat issues in a way that is understandable to cross-functional partners who may have limited experience in the field.

REQUIRED QUALIFICATIONS:  

• 8+ years of hands-on insider threat investigations experience in law enforcement, counterintelligence, or private sector industry equivalent. 
• 4+ years experience in the Industry supporting insider risk mitigation and remediation; conducting complex coordination of projects and initiatives to close identified vulnerabilities with organizational leads and owners. 
• Experience interviewing insider risk actors, witnesses, and impacted individuals.
• High competency with industry standards of workplace investigations, employment legal considerations, and practices related to the confidentiality and integrity of information.
• Experience in insider threat incident triage, coordinating cross-functional response,  and performing investigations across both digital and human domains.
• Experience interviewing persons of interest and/or potential witnesses.
• Experience supporting a comprehensive threat management program and direct experience conducting investigations, intelligence collection and analysis, and case management.
• Extensive experience with utilizing open-source research, criminal background information, and other online investigative techniques.
• Current member (or ability to become a member) of professional threat assessment organizations (i.e. Association of Threat Assessment Professionals).
• Ability to work some non-traditional hours (e.g. nights, weekends, or holidays) and respond to emergent or time-sensitive situations.
• Excellent written and oral communication skills, demonstrable during the interview process.
• Bachelor’s degree preferred (years of experience may be substituted).
• Must be highly adaptable and flexible.
• Ability to build partnerships and work collaboratively and cross-functionally.
• Ability to travel 10% of the time
• Professional competency in Google suite of workspace applications and Macintosh OS.

PREFERRED QUALIFICATIONS: 

• International experience/living abroad
• Regional expertise in Latin America, Asia, Europe, or Middle East
• Language skills
• Data analysis
• Planning and policy drafting
• Training and Exercise experience
• Experience incident commander

COMPENSATION & BENEFITS 

• 100% Employer paid medical, dental, and vision benefits
• Medical selection of PPO or HDHP, including HSA employer contribution
• Medical FSA
• Dependent Care FSA 
• Employer-paid insurance: life, STD, LTD, and AD&D 
• 401k including employer match & immediate vesting
• 11 paid holidays 
• Paid leave (vacation, sick, parental) 
• Annual Health & Wellness Benefit
• Generous Fertility/Adoption benefit
• National discount employee program
• Employee Assistance Program for personal needs
• Access to Learning Management System

Concentric acknowledges the systemic barriers in the security industry and recognizes that removing those barriers will require a collaborative and conscious effort. Concentric is committed to programs and initiatives around diversity, equity, and inclusion that better our organization and our greater community. We are creating a diverse environment and are proud to be an equal opportunity employer. We encourage people from all backgrounds to apply. All qualified applicants will receive consideration for employment regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. 

Concentric Advisors is committed to protecting the privacy and security of all applicants who submit personal information to us. You can access our GDPR and CCPA policy by clicking the GDPR button at the bottom of our career page.