Security Investigation Analyst

Position: Staff Security Investigation Analyst
Location:

Remote within the U.S., with some requirements to travel domestically and internationally.

About the Role

The Staff Security Investigation Analyst will lead internal investigations related to insider threats, data loss, policy violations, and security incidents. Beyond reactive casework, this role will proactively identify behavioral indicators and anomalies that may signal insider risk, partnering with detection teams to continuously improve our investigative and monitoring capabilities. You'll work cross-functionally with Legal, HR, Security Operations, IT, and Engineering to ensure investigations are conducted ethically, thoroughly, and with appropriate discretion.

About the Team

The Insider Protection Team is responsible for identifying, investigating, and mitigating risks posed by trusted insiders - whether through malicious intent, negligence, or compromise. The team is a core part of Alpha Sense's security organization, and partners closely with HR, Legal, IT, Security Engineering, and Alpha Sense's business leadership. This is a small but growing team, with the expectation to make a direct impact on Alpha Sense's security posture.

The role will come with the opportunity to shape how the Insider Protection team scales their capabilities globally.

What You'll Do

* Conduct investigations into insider threats, data exfiltration, IP theft, compliance violations, and policy breaches.

* Investigate incidents involving sensitive assets specific to our environment: source code, AI/ML models, training data, client intelligence, and research IP.

* Gather and analyze digital and physical evidence using established forensic methodologies (cloud audit logs, SaaS telemetry, endpoint data, and identity/access records).

* Conduct investigative interviews with subjects, witnesses, and stakeholders, applying appropriate techniques for sensitive employment matters.

* Prepare detailed reports and documentation of investigative findings suitable for executive leadership, legal proceedings, and regulatory inquiries.

* Collaborate with HR, Legal, and Compliance teams to manage sensitive matters appropriately.

* Maintain case management systems and ensure confidentiality and chain of custody integrity of investigation data.

* Develop and enhance investigation protocols, evidence handling standards, and response workflows.

* Identify patterns, trends, or emerging risks from investigation data and recommend preventive controls, detection improvements, and policy changes.

* Provide executive-level reporting on investigation trends, program metrics, and risk posture; contribute to tabletop exercises and cross-functional training.

What We Are Looking For :

* 5+ years of experience in corporate investigations, forensics, or incident response.

* Hands-on experience with insider threat and DLP tooling (e.g., UEBA, E-discovery, SIEM, EDR, Code
42, Dtex, Microsoft Purview, or similar)

* Proficiency investigating in cloud-native environments (AWS, GCP, Azure) and SaaS platforms; comfortable with audit logs, IAM, and identity-based investigations.

* Knowledge of employment law, privacy regulations (GDPR, CCPA), and compliance standards.

* Experience conducting investigative interviews in sensitive employment contexts.

* Strong communication skills and ability to handle sensitive cases with discretion across all levels of the organization, including executives.

* Proficiency in case management and e-discovery tools.

Nice to Have:

* Certifications such as CFE, CFCE, or GIAC-related credentials.

* Experience in AI, technology, financial services, or market intelligence industries.

* Background in intelligence analysis, law enforcement, or government insider threat programs.

* Familiarity with threat intelligence and OSINT methodologies.

Why Join Us?

* Protect cutting-edge AI and market intelligence IP at a company where insider risk isn't hypothetical-it's a strategic priority.

* Shape and scale an insider threat program with direct visibility to executive leadership.

* Work on complex, technically interesting investigations in a cloud-native, data-rich environment.

* Collaborate with sharp, mission-driven colleagues across Security, Legal, Engineering, and the business.