Like many major corporations, GEICO is actively addressing industry-wide challenges in mitigating insider risks. These challenges offer a chance to improve prevention, detection, assessment, and mitigation of threats from malicious insiders, ultimately enhancing customer trust and boosting resilience across digital platforms with advanced protections. GEICO is reinforcing its Insider Threat program by adopting a unified, proactive strategy, safeguarding information, systems, and mission environments through integrated security measures.
Responsibilities
We are seeking an Insider Risk Specialist to support the continued development of our Insider Threat Program. The ideal candidate will possess strong technical expertise in detection, hunting, and investigation, as well as a keen understanding of risk mitigation within the cyber security realm. This role is both technical and investigative, requiring proven analytical skills and the capability to contribute to the ongoing evolution of program operations.
- Apply insider risk mitigation strategies.
- Lead complex, sensitive insider threat investigations from signal to evidence, timeline, interviews, documentation, and team handoff.
- Design and execute proactive threat hunts and convert findings into actionable investigations and detections.
- Maintain and improve the insider threat program by identifying gaps, metrics, and investment opportunities.
- Assist with risk assessments for crown jewel analysis, sensitive roles, and high-risk activity.
- Foster cross-functional alignment by building relationships throughout GEICO.
Required Qualifications
- 4+ years' experience in cybersecurity, incident response, intelligence, insider threat, or counterintelligence.
- Familiarity with procedures and signs of malicious insider activity (fraud, theft, sabotage, espionage).
- Ability to develop new processes or capabilities as scaling needs grow.
- Proven success implementing strategies at scale.
- Excellent verbal and written communication skills for executive audiences.
- Strong relationship-building skills with internal, external, and industry peers.
- Use advanced OSINT techniques to find information from public sources, social media, online activity, commercial data, and specialized tools.
- Create organized, timely reports (such as investigative findings, analytical reviews, incident summaries, and threat analyses) that are suitable for both technical and general readers.
- Skilled in using Threat Hunting tools, with hands-on experience analyzing machine and user activity logs.
- Familiar with querying data sets or working with SIEM platforms.
- Capable of interpreting activity logs generated by machines and users.
Preferred Qualifications
- Demonstrated experience in establishing and advancing a formal Insider Threat Program (InTP), encompassing the development of playbooks, detection frameworks, and cross-functional governance models within a corporate or government context.
- Ability to leverage automation toolsets to enhance intelligence gathering and manual tasks, utilizing scripting languages such as Python.
- Proven track record in identifying and investigating insider threats in a cloud-based software or platform organization, with comprehensive knowledge of data access patterns, privileged user risks, and intellectual property theft vectors unique to SaaS and PaaS environments.
Annual Salary
$75,000.00 - $160,000.00
The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate's work experience, education and training, the work location as well as market and business considerations.
GEICO will consider sponsoring a new qualified applicant for employment authorization for this position.