GrepJob
GoDaddy

Security Engineer, Insider Threat

GoDaddy
Apply
about 5 hours ago
Delhi, IndiaMid Level / Senior
H1B Sponsor

Responsibilities

  • Develop and refine insider threat detections using log analytics and behavioral data.
  • Monitor for data exfiltration, privilege misuse, policy violations, and unusual user behavior.
  • Use SIEM and endpoint telemetry to detect suspicious activity.
  • Build detection logic for various insider threat scenarios.
  • Conduct structured insider threat investigations using multiple telemetry sources.
  • Produce investigation summaries for Legal, HR, and executive teams.
  • Support chain-of-custody documentation and evidence preservation.
  • Partner with various teams during active security incidents.
  • Assist in identifying control gaps and recommending improvements.
  • Contribute to the development of insider threat playbooks and SOPs.

Requirements

  • 2+ years of experience in information security investigations or related roles.
  • Experience with SIEM platforms, preferably Splunk.
  • Familiarity with endpoint telemetry, preferably SentinelOne.
  • Experience with data governance or data loss prevention tools, preferably Microsoft Purview.
  • Strong understanding of Windows, macOS, and enterprise authentication systems.
  • Ability to write and tune log queries for investigation and detection.
  • Strong analytical and documentation skills.

Benefits

  • Paid time off and retirement savings options.
  • Bonus/incentive eligibility and equity grants.
  • Participation in employee stock purchase plan.
  • Competitive health benefits and family-friendly perks including parental leave.

Tech Stack

macOSSplunkWindows

Categories