1

Insider Risk Jobs in Illinois (NOW HIRING)

Cloud Operations Engineer

Chicago, IL · On-site +1

$65K - $130K/yr

Secure M365 workloads with a strong focus on tenant hardening, conditional access, DLP, and insider risk policies Your Skills And Experience Required Qualifications : * US Citizenship or Green Card ...

next page

Showing results 1-20

Insider Risk information

What are the key skills and qualifications needed to thrive as an Insider Risk Analyst, and why are they important?

To thrive as an Insider Risk Analyst, you need a solid background in information security, risk assessment, and data analysis, often supported by a degree in cybersecurity or a related field. Familiarity with security information and event management (SIEM) tools, user behavior analytics, and certifications such as CISSP or CISA are commonly required. Strong analytical thinking, discretion, and communication skills are crucial for identifying threats and collaborating with cross-functional teams. These skills ensure prompt detection and mitigation of internal security threats, protecting organizational assets and data integrity.

What is an Insider Risk professional?

An Insider Risk professional is responsible for identifying, assessing, and mitigating threats posed by individuals within an organization, such as employees, contractors, or business partners. These threats can include data theft, fraud, sabotage, or unintentional errors that could harm the company. Insider Risk professionals develop policies, monitor user behavior, and implement security controls to protect sensitive information and assets. Their goal is to balance organizational security with privacy and productivity.

What is the difference between Insider Risk vs Insider Threat Analyst?

AspectInsider RiskInsider Threat Analyst
Primary FocusIdentifying and managing potential risks posed by insiders to prevent security breachesDetecting, analyzing, and responding to insider threats and security incidents
Required CredentialsSecurity certifications (CISSP, CISA), risk management experienceCybersecurity certifications (CEH, GIAC), threat analysis experience
Work EnvironmentRisk management teams, security departments, corporate settingsSecurity operations centers, incident response teams, cybersecurity units

Insider Risk professionals focus on proactively identifying and mitigating potential insider-related threats, emphasizing risk management strategies. In contrast, Insider Threat Analysts are more involved in detecting and responding to actual threats and security incidents. Both roles require cybersecurity knowledge and certifications but differ in their primary responsibilities within security teams.

What are some common challenges faced by professionals in Insider Risk roles, and how can they be addressed?

Professionals in Insider Risk roles often face challenges such as balancing employee privacy with security needs, detecting subtle behavioral indicators of risk, and fostering a culture of trust while enforcing policies. Addressing these challenges requires strong communication skills, collaboration with HR and IT departments, and the utilization of advanced monitoring tools that respect privacy regulations. Additionally, ongoing training and clear protocols help teams respond effectively while maintaining organizational transparency.
Senior Analyst - Insider Threat (Remote)

Senior Analyst - Insider Threat (Remote)

United Airlines, Inc.

Chicago, IL • On-site, Remote

$98K - $129K/yr

Full-time

Retirement

Posted 20 days ago


United Airlines rating

7.8

Company rating: 7.8 out of 10

Based on 337 frontline employees who took The Breakroom Quiz

9th of 26 rated airlines


Job description

Description
Connecting People. Uniting the World. There's never been a more exciting time to join United Airlines! As a global company that operates in hundreds of locations around the world - with millions of customers and tens of thousands of employees - we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly.
We're on a path to becoming the best airline in aviation history. Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in cyber safety, security and resilience. United's CDR team plays a critical role in protecting our operations by enabling secure and resilient systems, managing threats and vulnerabilities, and ensuring swift response and recovery. Our mission is to seamlessly embed cybersecurity and digital risk management into every aspect of our business. We help drive progress and growth through trusted digital solutions, safeguarding assets and empowering our team, all while promoting a cyber-safe and secure environment that supports resilient airline operations.
United offers a competitive benefits package aimed at keeping you happy, healthy, and well-traveled. From employee-run "Business Resource Group" communities to world-class benefits like parental leave, 401(k), and privileges like space-available travel, United is truly a one-of-a-kind place to work. Are you ready to travel the world and help us keep our airline cyber safe? Apply today!
Job overview and responsibilities
The Senior Analyst, Insider Threat, is responsible for advancing detection capabilities and improving the quality and effectiveness of insider threat monitoring. This role focuses on designing, tuning, and operationalizing detection logic to increase alert fidelity and drive measurable improvements in actionable insider threat alerts. The position partners closely with Cybersecurity, Data Protection, HR, and Legal to ensure detections align to risk priorities and business context. This role plays a critical part in evolving the Insider Threat Program from reactive alerting to scalable, intelligence-driven detection.
  • Detection Engineering & Alert Fidelity Optimization: Design, build, and continuously refine insider threat detection logic, use cases, and analytics to improve signal quality. Focus on reducing false positives and increasing the percentage of actionable insider threat alerts.
  • Alert Triage, Investigation, & Feedback Loop: Lead triage and investigation of insider threat alerts, applying structured methodologies to assess risk Translate investigation outcomes into detection improvements, ensuring a continuous feedback loop between operations and engineering.
  • Detection Strategy & Use Case Development: Develop and implement a scalable detection strategy aligned to key insider threat risks (i.e., data exfiltration, employee exit risk, misuse). Identify gaps and prioritize new detection use cases to expand coverage and effectiveness
  • Threat Hunting & Advanced Analytics: Conduct proactive threat hunting using behavioral, endpoint, and data activity signals to identify emerging insider risks. Translate findings into new detection use cases and improvements to existing detection logic.
  • Cross-Functional Partnership: Partner with Data Protection, Legal, HR, and Cyber teams to ensure detections are risk-aligned, context-aware, and operationally actionable. Incorporate business context and investigation requirements into detection design to improve alert fidelity and response effectiveness.

Qualifications
What's needed to succeed (Minimum Qualifications):
  • Bachelor's degree required (Cybersecurity, Information Technology, Computer Science majors preferred)
  • 3+ years in STEM-related field
  • Strong experience with insider threat detection methodologies, behavioral analytics, and risk indicators
  • Proven ability to design, tune, and operationalize detection logic to improve alert quality and reduce noise
  • Experience working with DLP, UEBA, or related telemetry to identify and investigate insider risk activity
  • Analytical mindset with ability to translate investigation outcomes into detection improvements
  • Understanding of data classification, data movement patterns, and exfiltration techniques
  • Ability to measure and improve detection effectiveness (i.e., alert fidelity, actionable alert rate)
  • Strong collaboration and communication skills to influence cross-functional stakeholders
  • Must be legally authorized to work in the United States for any employer without sponsorship
  • Successful completion of interview required to meet job qualification
  • Reliable, punctual attendance is an essential function of the position

What will help you propel from the pack (Preferred Qualifications):
  • Master's degree
  • Certifications such as CISA, Security +
  • Hands-on experience with DLP platforms, insider risk tools, or detection engineering workflows
  • Experience using Splunk for Insider Threat
  • Familiarity with M365 / Purview, endpoint telemetry, or cloud activity monitoring
  • Experience building metrics or KPIs to track detection performance and program maturity
  • Knowledge of automation or scripting to support detection tuning and scaling

Posting End Date 7/27/2026

What United Airlines employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


United Airlines logo

About United Airlines

Sourced by ZipRecruiter

United Airlines is embarking on an exciting journey to become the best airline in aviation history. Our purpose, "Connecting People, Uniting the World," extends beyond transportation, emphasizing our commitment to uplift and create opportunities in the places we serve. With a global presence and diverse workforce, we value inclusivity and are dedicated to hiring tens of thousands of individuals across various roles. Our comprehensive benefits package, including perks like space available travel, parental leave, and 401k, aims to support your well-being and growth.

Industry

Aviation

Company size

10,000+ Employees

Headquarters location

Chicago, IL, US

Year founded

1926

Social media