Principal Insider Threat and Risk Analyst

Principal Security Engineer: Insider Threat - Hybrid in Charlotte, NC* (FTE/Direct-hire)

Optomi, in partnership with a leader in the insurance space is looking to hire someone full-time to help build out their insider risk and e-Discovery program! The Principal Insider Threat & Risk Analyst will lead the enterprise insider risk and e-Discovery program, with a strong emphasis on data protection, regulatory compliance, and advanced threat detection. The Principal Insider Threat & Risk Analyst role leverages Microsoft security technologies and collaborates across Legal, HR, Compliance, and IT to safeguard sensitive data, investigate insider threats, and ensure defensible e-Discovery practices.

*This role is looking for someone local or willing to relocate to Charlotte, NC to work hybrid environment, although the hybrid schedule and expectations are very flexible.

Full relocation will be offered + bonus potential

RESPONSIBILITIES:

• Lead triage of IRM alerts leveraging AI to enhance fidelity and automate alert triage.
• Lead investigations into insider-related incidents with discretion and professionalism.
• Implement and enforce data protection policies and controls to prevent unauthorized access, misuse, or exfiltration of sensitive data.
• Conduct risk assessments to identify insider vulnerabilities and recommend mitigation strategies.
• Ensure compliance with global data privacy regulations (e.g., GDPR, CCPA, HIPAA).
• Partner with Data Governance and Privacy teams to align insider risk and e-Discovery efforts with enterprise data protection strategy.
• Monitor and report on data handling practices, retention schedules, and access controls.
• Coordinate cross-functional response efforts and document findings for executive and legal review.
• Develop and maintain playbooks and workflows for insider threat, e-Discovery,
• and data protection scenarios.
• Promote awareness and training programs around insider risk, data governance, and secure collaboration.
• Provide guidance on secure data handling and retention practices.
• Define KPIs and produce reports on insider risk trends, e-Discovery metrics, and data protection effectiveness.

REQUIRED SKILLS:

• Bachelor’s (required) or Master’s (preferred) degree in Cybersecurity, Information Security, Computer Science, or related field.
• 8+ years of experience in cybersecurity, with at least 3 years in insider risk, e-Discovery, and data protection.
• Certifications such as CISSP, CISM, GIAC, CEDS, CIPP, or CDPSE are preferred.
• Hands-on experience with Microsoft Defender, Microsoft Purview, and Microsoft Sentinel.
• Strong understanding of data protection laws, privacy regulations, and digital forensics.
• Experience with e-Discovery platforms and workflows.
• Experience operationalizing AI in IRM, Data Protection, and eDiscovery
• Excellent communication, analytical, and stakeholder management skills.
• Strategic thinker with a proactive approach to risk and compliance.
• Ability to manage sensitive investigations with discretion and professionalism.
• Experience in regulated industries or high-security environments.