Description:
Anduril’s Insider Threat team is looking for a Staff Security Analyst to protect our organization from internal security threats. This analyst will be a critical part of analyzing anomalous activities, running investigations, and working across various departments to mitigate risks. This role will be a key stakeholder within the Anduril Information Security team implementing forward-leaning, innovative insider threat & counterintelligence detections and mitigations.
What You'll Do
- Serve Anduril as our incident commander by identifying, triaging, investigating, and remediating Insider Threat related security detections and anomalies.
- Own Insider Threat investigations from end to end.
- Lead evaluating and implementing controls to reduce Anduril's attack surface from an insider threat.
- Produce metrics to support and streamline incident response and investigations.
- Provide strategic vision for hunting and identifying insider threats.
- Partner closely with cross-functional stakeholders, including HR and Legal, providing technical expertise and evidence to support investigations.
- Translate complex technical security issues into clear, actionable insights for non-technical stakeholders.
- Work along side other members of the team to build custom tooling to automate manual processes.
Required Qualifications
- Action-oriented analyst with the ability to work autonomously and take ownership of complex projects.
- Experience conducting data analysis in large-scale data lake environments.
- Knowledge of modern adversary tradecraft and mitigating controls.
- Proven experience in insider threat investigations, digital forensics, and incident response.
- Experience with Endpoint Detection and Response (EDR) tools, Data Loss Prevention (DLP), and other telemetry sources.
- Excellent analytical skills, capable of interpreting complex data and deriving actionable insights.
- Serves as a technical mentor and force multiplier for the team, building analyst proficiency in investigation ownership, incident commanding, and insider threat tradecraft.
- Eligible to obtain and maintain an active U.S. Top Secret security clearance.
Preferred Qualifications
- Experience in one or more general purpose languages (Python, Go, etc) and familiarity with one or more infrastructure as code languages (e.g., Terraform, AWS CDK) in a production capacity.
- Experience building controls around export controlled information, CUI, and other sensitive data.
- Understanding of counterintelligence concepts and their application in security operations, particularly for identifying and addressing insider threats.
- Bachelor’s degree in Information Systems, Information Security, Cyber Security, Computer Science, Computer Engineering and 10+ years of security analyst experience; or 12+ years of security analyst experience without a degree.