IT Risk Analyst

Insider Risk Analyst – Outside IR35 – Fully Remote

We are seeking an experienced Insider Risk Analyst for a fully remote contract engagement, Outside IR35 , paying up to £350 per day .

The successful candidate will play a key role in identifying, investigating, and mitigating risks posed by insiders - whether malicious, negligent, or compromised.

This role requires a blend of technical investigation, behavioral analysis, and business awareness to detect and respond to potential insider threats, ensuring both security and ethical standards are upheld.

Key Responsibilities

• Monitor, investigate, and analyze insider-related activities across multiple security platforms (SIEM, DLP, UEBA, EDR).
• Identify and assess behavioral indicators, anomalies, and high-risk patterns linked to insider threat scenarios (data exfiltration, misuse of privileges, fraud, or sabotage).
• Conduct and document insider threat investigations from initial triage through closure, working in alignment with internal policies and legal frameworks.
• Collaborate with HR, Legal, Compliance, and IT teams to ensure sensitive cases are handled appropriately and discreetly.
• Recommend and implement technical and procedural mitigations to reduce insider risk exposure.
• Support the maturity of the Insider Risk Program through playbook development, automation, and continuous improvement.
• Contribute to red team/blue team exercises and insider threat simulations to validate detection and response capabilities.
• Deliver clear and actionable reporting to leadership and stakeholders, maintaining a balance between risk management and employee privacy.

What You Will Ideally Bring

• 3+ years’ experience in cybersecurity operations, insider threat programs, or related investigative/analytical roles (SOC, threat detection, or risk analysis).
• Hands-on experience with tools such as SIEM, DLP, UEBA, EDR, or SOAR .
• Strong understanding of data protection, behavioral analysis, and incident response principles.
• Experience managing sensitive investigations with HR, Legal, or Compliance teams.
• Knowledge of privacy and regulatory frameworks (GDPR, HIPAA, SOX).
• Excellent analytical, investigative, and communication skills - able to present complex findings clearly to both technical and non-technical audiences.
• High integrity, discretion, and objectivity when handling sensitive data and investigations.

Nice to Have

• Experience building or contributing to enterprise Insider Risk Programs .
• Understanding of behavioral indicators of insider threat and the Critical Pathway to Insider Risk concept.
• Relevant certifications such as ITPM, CISSP, CySA+, GCIH , or equivalent.
• Exposure to insider threat automation or integration with Microsoft Sentinel, Defender, or Entra .

Contract Details

• Duration: 6 months (potential extension)
• Day Rate: Up to £350 per day
• Engagement: Outside IR35
• Location: Fully Remote
• Start Date: ASAP