Title: Lead Cybersecurity - Insider Risk Analyst
Location: Dallas, TX or Charlotte, NC
Duration: 6+ months contract
Pay: $80-$100 per hr on W2
Position Summary
The Lead Cybersecurity Insider Risk Analyst is responsible for leading the response to high-priority and escalated cybersecurity incidents, overseeing the detection, analysis, response, reporting, and prevention of threats across employees, contractors, and third-party vendors. This senior analyst proactively drives the creation and deployment of new detection rules, adapting to active threats and evolving suspicious behaviors. The role requires a high degree of organization, advanced technical acumen, and the ability to manage complex incidents, mentor team members, and communicate effectively with both executive leadership and business units. The ideal candidate will excel in incident response leadership, technical investigation, and continuous improvement of security operations.
General Responsibilities
The Lead Cybersecurity Insider Risk Analyst leads escalated incident management as the primary investigator and incident handler, ensuring all tasks are executed efficiently and thoroughly. This role plays a key part in developing incident response processes, driving remediation, contributing to threat intelligence, and providing executive-level communication. The analyst also supports tabletop exercises and serves as a mentor and subject matter expert across the cybersecurity team.
Core Responsibilities
• Manage all cases as Lead Handler for escalated cybersecurity incidents.
• Oversee all tasks related to escalated cases as Lead Investigator.
• Investigate all escalated security events, ensuring comprehensive analysis and response.
• Assist with “Micro-hunts” to discover, analyze, and report on actionable threat intelligence.
• Support the development and continuous improvement of incident response processes.
• Drive remediation efforts for all cybersecurity incidents assigned to the team.
• Perform skilled triage of threats using advanced technical and business knowledge.
• Assist with scenario development for tabletop exercises across the Incident Response team.
• Document and communicate findings and after-action reports in formats required by leadership.
• Function as a mentor and subject matter expert to other Incident Responders.
• Serve as a scribe when requested, maintaining accurate records of incidents.
• Provide executive-level communications to leadership and stakeholders.
Technical Responsibilities
• Utilize case management tools, host/network analysis, and threat intelligence platforms for incident response.
• Apply strong knowledge in incident handling processes, lifecycle, and attack frameworks.
• Conduct in-depth analysis of threats, exploits, vulnerabilities, and malware families.
• Perform investigations across Windows, macOS, and Linux operating systems.
• Leverage Endpoint Detection and Response (EDR) technologies and conduct cloud security analysis.
• Use Splunk and other analytics tools for advanced investigations and reporting.
• Understand company infrastructure, including VPNs, AVPNs, and business partner connectivity.
• Demonstrate expert familiarity with networking, internet communication methods, and general computing protocols.
• Design and implement new security detection methods in response to emerging threats.
• Collaborate with other Threat Analytic teams, understanding their functions and interactions.
• Mentor team members in skilled triage and advanced practices.
• Generate reports and documentation related to incident response activities.
• Maintain knowledge of SaaS services, mobility threats, and security in cloud environments.
• Exhibit strong understanding of scripting languages (e.g., Python, PowerShell, Bash) for automation and analysis.
• Assist with algorithm development and advanced threat intelligence analysis.
Required Experience
• 4+ years of technical cybersecurity experience in Incident Response, Security Operations, or related functions.
• Demonstrated experience in managing escalated incidents and driving remediation in complex environments.
Technical Skills
• Working knowledge of at least four of the following: incident management technologies, OS hardening, cloud environments, host analysis, network forensics, UEBA, malware reversing, intrusion detection, anomaly detection, threat research, threat intelligence, security alert design, data analysis.
• Strong knowledge of incident handling, lifecycle, and attack frameworks.
• Advanced proficiency in incident response, triage, and remediation.
• Expertise in host and network analysis, EDR technologies, and Splunk.
• Good understanding of cloud security analysis, internet-based threats, and SaaS services.
• Strong familiarity with company infrastructure (VPNs/AVPNs), mobility threats, and networking.
• Expert familiarity with general computing protocols and malware/network attack vectors.
• Experience designing and implementing security detection methods.
• Understanding of scripting languages for automation and analysis.
Soft Skills & Traits
• Excellent analytical and problem-solving skills, with the ability to perform core root cause analysis.
• Quick learner, able to absorb and teach new technologies and concepts.
• Highly effective collaborator, especially in remote or distributed teams.
• Excels in business communication methods and general soft skills.
• Strong understanding of the business, its entities, and how cybersecurity impacts the broader organization.