[Remote] Insider Risk Analyst - Intelligence & Analysis

Note: The job is a remote job and is open to candidates in USA. Microsoft is one of the largest enterprise service companies in the world, dedicated to securing digital technology platforms. As an Insider Risk Analyst, you will detect, assess, and respond to insider threats by analyzing data and collaborating with various teams to safeguard the organization. Responsibilities Respond to detections and escalations related to Insider Threat Provide investigation support, including containment and remediation during insider threat incidents Identify, collect, and analyze essential data from a variety of sources to validate suspicious behaviors Ensure metrics are complete and accurate, and findings are documented in the case management system Coordinate investigation and mitigation steps with other internal teams across Microsoft globally Work closely with engineering and first-party product teams to author new detections or tune existing ones to improve alert quality Develop and maintain playbooks to improve processes, consistency, and information sharing across teams Skills Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field OR equivalent experience Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter Customer Contract: This position requires verification of citizenship due to citizenship-based legal restrictions Controlled Technology: This role will require access to information that is controlled for export under export control regulations Bachelor's Degree in Criminal Justice, Political science, National Security Studies (or related field) or 2+ years of hands-on experience in Counterintelligence, Insider Risk, Law Enforcement or Open Source Intelligence 1+ year(s) experience gathering, assessing, and synthesizing information from various sources to identify patterns, assess risk, and support investigative or intelligence-driven decisions 1+ year(s) experience working in a structured, process-driven environment with attention to detail, consistency, and disciplined execution in documentation and case management 1+ year(s) experience using Microsoft or equivalent enterprise security platforms (Sentinel, Defender, Purview) and data query languages, such as KQL or SQL Foundational understanding of investigative or intelligence tradecraft demonstrated through coursework, training, or documented use of information synthesis, evidence handling, or analytical writing Benefits Certain roles may be eligible for benefits and other compensation. Company Overview Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services. It was founded in 1975, and is headquartered in Redmond, Washington, USA, with a workforce of 10001+ employees. Its website is