Staff Security Analyst, Insider Threat

Anduril Industries
Costa Mesa, California, United States
Posted 7 March 2026

Job Description

<div class="content-intro"><p>Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century’s most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril’s family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years.</p></div><h3>ABOUT THE TEAM</h3> <p>The Insider Threat team at Anduril operates at the intersection of cutting-edge technology and proactive security. Focused on safeguarding our mission, people, and innovations, this team takes a strategic approach to insider threat detection, counterintelligence, and risk mitigation. By leveraging technical expertise, advanced tools, and cross-functional collaboration, we stay ahead of emerging threats and ensure Anduril remains secure in a rapidly evolving landscape.</p> <h3>ABOUT THE JOB</h3> <p>Anduril’s Insider Threat team is looking for a Staff Security Analyst to protect our organization from internal security threats. This analyst will be a critical part of analyzing anomalous activities, running investigations, and working across various departments to mitigate risks. 
This role will be a key stakeholder within the Anduril Information Security team implementing forward-leaning, innovative insider threat counterintelligence detections and mitigations.<br><br></p> <h3>WHAT YOU'LL DO</h3> <ul> <li>Serve Anduril as our incident commander by identifying, triaging, investigating, and remediating Insider Threat-related security detections and anomalies.</li> <li>Own Insider Threat investigations from end to end.</li> <li>Lead the evaluation and implementation of controls to reduce Anduril's attack surface from an insider threat.</li> <li>Produce metrics to support and streamline incident response and investigations.</li> <li>Provide strategic vision for hunting and identifying insider threats.</li> <li>Partner closely with cross-functional stakeholders, including HR and Legal, providing technical expertise and evidence to support investigations.</li> <li>Translate complex technical security issues into clear, actionable insights for non-technical stakeholders.</li> <li>Work alongside other members of the team to build custom tooling to automate manual processes.</li> </ul> <h3>REQUIRED QUALIFICATIONS</h3> <ul> <li>Action-oriented analyst with the ability to work autonomously and take ownership of complex projects.</li> <li>Experience conducting data analysis in large-scale data lake environments.</li> <li>Knowledge of modern adversary tradecraft and mitigating controls.</li> <li>Proven experience in insider threat investigations, digital forensics, and incident response.</li> <li>Experience with Endpoint Detection and Response (EDR) tools, Data Loss Prevention (DLP), and other telemetry sources.</li> <li>Excellent analytical skills, capable of interpreting complex data and deriving actionable insights.</li> <li>Serves as a technical mentor and force multiplier for the team, building analyst proficiency in investigation ownership, incident commanding, and insider threat tradecraft.</li> <li>Eligible to obtain and maintain an active U.S.
Top Secret security clearance.</li> </ul> <h3>PREFERRED QUALIFICATIONS</h3> <ul> <li>Experience in one or more general-purpose languages (Python, Go, etc.) and familiarity with one or more infrastructure-as-code languages (e.g., Terraform, AWS CDK) in a production capacity.</li> <li>Experience building controls around export-controlled information, CUI, and other sensitive data.</li> <li>Understanding of counterintelligence conce ... (truncated, view full listing at source)