1

Insider Risk Jobs in California (NOW HIRING)

Lead Security Analysis

Dublin, CA · On-site

$124K - $212K/yr

Leads insider risk programs by identifying improvements and establishing supporting processes across the enterprise. Identifies and implements improvements to enhance the Cybersecurity Risk ...

Lead Security Analysis

Dublin, CA · On-site

$124K - $212K/yr

This position is also responsible for leading security risk related projects and enhancing programs, such as business process risk assessments, insider threat management, updating security policies ...

Lead Security Analysis

Dublin, CA · On-site

$124K - $212K/yr

This position is also responsible for leading security risk related projects and enhancing programs, such as business process risk assessments, insider threat management, updating security policies ...

Lead Security Analysis

Dublin, CA · Hybrid

$124K - $212K/yr

Leads insider risk programs by identifying improvements and establishing supporting processes across the enterprise. Identifies and implements improvements to enhance the Cybersecurity Risk ...

This position is also responsible for leading security risk related projects and enhancing programs, such as business process risk assessments, insider threat management, updating security policies ...

Leads insider risk programs by identifying improvements and establishing supporting processes across the enterprise. Identifies and implements improvements to enhance the Cybersecurity Risk ...

... insider risk, compromised accounts, or policy violations, and drive remediation in coordination with HR, legal, and security leadership. • Manage and maintain FortiGate firewall infrastructure ...

Security Engineering Manager

Torrance, CA · On-site

$156K - $232K/yr

Analyze UEBA telemetry to identify patterns indicative of insider risk, compromised accounts, or policy violations, and drive remediation in coordination with HR, legal, and security leadership.

Insider Risk Management * eDiscovery (Standard & Premium) * Records management and retention policies * Communication compliance and audit readiness Establish governance models that protect client ...

next page

Showing results 1-20

Insider Risk information

What are the key skills and qualifications needed to thrive as an Insider Risk Analyst, and why are they important?

To thrive as an Insider Risk Analyst, you need a solid background in information security, risk assessment, and data analysis, often supported by a degree in cybersecurity or a related field. Familiarity with security information and event management (SIEM) tools, user behavior analytics, and certifications such as CISSP or CISA are commonly required. Strong analytical thinking, discretion, and communication skills are crucial for identifying threats and collaborating with cross-functional teams. These skills ensure prompt detection and mitigation of internal security threats, protecting organizational assets and data integrity.

What is an Insider Risk professional?

An Insider Risk professional is responsible for identifying, assessing, and mitigating threats posed by individuals within an organization, such as employees, contractors, or business partners. These threats can include data theft, fraud, sabotage, or unintentional errors that could harm the company. Insider Risk professionals develop policies, monitor user behavior, and implement security controls to protect sensitive information and assets. Their goal is to balance organizational security with privacy and productivity.

What is the difference between Insider Risk vs Insider Threat Analyst?

AspectInsider RiskInsider Threat Analyst
Primary FocusIdentifying and managing potential risks posed by insiders to prevent security breachesDetecting, analyzing, and responding to insider threats and security incidents
Required CredentialsSecurity certifications (CISSP, CISA), risk management experienceCybersecurity certifications (CEH, GIAC), threat analysis experience
Work EnvironmentRisk management teams, security departments, corporate settingsSecurity operations centers, incident response teams, cybersecurity units

Insider Risk professionals focus on proactively identifying and mitigating potential insider-related threats, emphasizing risk management strategies. In contrast, Insider Threat Analysts are more involved in detecting and responding to actual threats and security incidents. Both roles require cybersecurity knowledge and certifications but differ in their primary responsibilities within security teams.

What are some common challenges faced by professionals in Insider Risk roles, and how can they be addressed?

Professionals in Insider Risk roles often face challenges such as balancing employee privacy with security needs, detecting subtle behavioral indicators of risk, and fostering a culture of trust while enforcing policies. Addressing these challenges requires strong communication skills, collaboration with HR and IT departments, and the utilization of advanced monitoring tools that respect privacy regulations. Additionally, ongoing training and clear protocols help teams respond effectively while maintaining organizational transparency.
What are the most commonly searched types of Insider Risk jobs in California? The most popular types of Insider Risk jobs in California are:
Infographic showing various Insider Risk job openings in California as of July 2026, with employment types broken down into 4% Locum Tenens, 81% Full Time, 6% Part Time, 1% Temporary, 7% Nights, and 1% Summer. Highlights an 87% Physical, 2% Hybrid, and 11% Remote job distribution.
Lead Security Analysis

Lead Security Analysis

Ross Stores

Dublin, CA • On-site

$124K - $212K/yr

Other

Posted 8 days ago


Job description

Our values start with our people, join a team that values you. Bring your talents to Ross, our leading off-price retail chain with over 2,200 stores, and a strong track record of success and growth. Our focus has always been bringing our customers a constant stream of high-quality brands and on-trend merchandise at extraordinary savings.

All while providing a fun and exciting treasure hunt experience. As part of our team, you will experience: Success. Our winning team pursues excellence while learning and evolving Career growth.

We develop industry leading talent because Ross grows when our people grow Teamwork. We work together to solve the hard problems and find the right solution Our commitment to Diversity, Equality & Inclusion, and our community. We celebrate the backgrounds, identities, and ideas of those who work and shop with us because our differences make us stronger.

We strive to be a positive force in our community. Our Corporate headquarters are in Dublin, CA, we have 3 buying offices in key markets in New York City, Los Angeles, and Boston, and 8 distribution centers nationwide. With 2025 revenues of $22.8 billion, we are a Fortune 500 company who is committed to providing an inclusive work environment with continuous learning opportunities and development for our teams

GENERAL PURPOSE: The Lead, Security Analysis is the senior member of the Cybersecurity Risk Management group responsible for leading and executing IT security risk management and governance processes within the organization. This includes performing risk assessments, tracking mitigation efforts and developing risk metrics and risk reports. This position is also responsible for leading security risk related projects and enhancing programs, such as business process risk assessments, insider threat management, updating security policies and standards and executing security awareness programs for corporate as well as overseas offices.

The base salary range for this role is $124,700 - $212,800. The base salary range is dependent on factors including, but not limited to, experience, skills, qualifications, relevant education, certifications, seniority, and location. The range listed is just one component of the total compensation package for employees.

Other rewards vary by position and location. ESSENTIAL FUNCTIONS: Provides subject matter expertise in all aspects of risk management including performing risk assessments to proactively identify current and future security issues/vulnerabilities and recommend remediation strategies. Leads insider risk programs by identifying improvements and establishing supporting processes across the enterprise.

Identifies and implements improvements to enhance the Cybersecurity Risk Management program through optimization of processes, solutions, policies, procedures KPIs and other techniques. Develops standards to support vendor selection and RFP process and participates in product and vendor selection process to provide subject matter expertise on Information security risk and compliance. Maintains risk register and develops Cybersecurity Risk Management metrics and reports.

Collaborates with Compliance Manager, Secure SDLC Manager, Information Security, and IT groups to gather and analyze metrics. Leads information security awareness programs by regularly conducting exercise to educate employees of information security and best practices. Monitors current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.

Lead and perform end-to-end risk assessments across business processes, applications, infrastructure, cloud environments, and third-party/vendor eco-systems. COMPETENCIES: People Building Effective Teams Developing Talent Collaboration Self Leading by Example Communicates Effectively Ensures Accountability and Execution Manages Conflict Business Business Acumen Plans, Aligns and Prioritizes Organizational Agility With particular emphasis on the following specific position-related competencies: Technical Competence and Expertise Analysis / Judgement Communication Customer Service QUALIFICATIONS AND SPECIAL SKILLS REQUIRED: Five years of experience within Information Technology with at least 3 in Security and/or Risk Management. Bachelor's degree preferred or equivalent combination of education and relevant experience Strong understanding of security governance, compliance and risk management principles.

Proficient in Microsoft Word, Excel, PowerPoint Excellent analytical, organizational and communication skills Strong Project Management skills PREFERRED QUALIFICATIONS: CISSP (Certified Information Systems Security Professional) CRISC (Certified in Risk and Information Systems Control (CRISC) Working knowledge of UNIX and Windows Firewalls, VPN, PKI, IPS, Oracle, MS SQL Virtualization Security Software programming skills PHYSICAL REQUIREMENTS/ADA: Job requires ability to work in an office environment, primarily on a computer. Requires sitting, standing, walking, hearing, talking on the telephone, attending in-person meetings, typing, and working with paper/files, etc. Consistent timeliness and regular attendance.

Vision requirements: Ability to see information in print and/or electronically. This role requires regular in-office presence, including to engage in in-person team interaction, meetings and collaboration, client support, mentoring, coaching, and/or feedback. However, this role can perform duties effectively using a combination of in-office and remote work.

#LI-Hybrid SUPERVISORY RESPONSIBILITIES: N/A DISCLAIMER: This job description is a summary of the primary duties and responsibilities of the job and position. It is not intended to be a comprehensive or all-inclusive listing of duties and responsibilities. Contents are subject to change at management's discretion.

Ross is an equal employment opportunity employer. We consider individuals for employment or promotion according to their skills, abilities and experience. We believe that it is an essential part of the Company's overall commitment to attract, hire and develop a strong, talented and diverse workforce.

Ross is committed to complying with all applicable laws prohibiting discrimination based on race, color, religious creed, age, national origin, ancestry, physical, mental or developmental disability, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), veteran status, military status, marital or registered domestic partnership status, medical condition (including cancer or genetic characteristics), genetic information, gender, gender identity, gender expression, sexual orientation, as well as any other category protected by federal, state or local laws. Apply