Job Description
Insight Global's client is a data technology business specializing in the management, application, storage, and usage of business data. It partners with various government departments to help business leaders obtain the key information and insights needed to guide their organizations to new accomplishments. They are looking to add a Data Analyst to their growing team.
The ITP Data Analyst supports the DHS Insider Threat Program by analyzing user data to detect suspicious behavior and help protect the organization from internal risks. This role involves deep data analysis, behavioral assessments, alert response, and investigative support within the Insider Threat Operations Center (ITOC).
Key Responsibilities:
1. Insider Threat Data Analysis
· Analyze insider threat data to identify patterns, trends, and behaviors linked to potential risks or malicious activity.
2. Behavioral Risk Assessment
· Assess behaviors that could indicate personal or organizational harm.
· Identify and flag at-risk individuals based on behavioral trends across the enterprise.
3. Threat Detection & Containment
· Develop and follow analytical workflows to detect compromised users and assess risk.
· Provide technical input for threat containment and mitigation strategies.
4. UAM Alert Management
· Work with the team to build correlation rules and triggers in the User Activity Monitoring (UAM) platform.
· Respond to CRITICAL or HIGH UAM alerts within 4 hours during standard business hours.
5. Investigative Support
· Conduct objective insider threat inquiries using multiple data sources and tools.
· Create thorough reports and recommendations based on findings.
· Coordinate with law enforcement, HR, cybersecurity, and other partners on mitigation actions.
6. Knowledge Sharing & Best Practices
· Participate in cross-functional team rotations to strengthen expertise.
· Document standard operating procedures and share best practices across the team.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
- Bachelor’s degree in a technical field with 12–15 years of experience, OR
- Master’s degree with 10–13 years of experience
- Experience running SQL queries
- Experience with UAM tools such as Everfox/Forcepoint
- AWS-based tools such as Elastic, Splunk, Kafka, etc.
- Python
- Experience with an insider threat program or cybersecurity program (the former is largely preferred)
- TS/SCI
Nice to Have Skills & Experience
- Any experience with a NoSQL database
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.