
L2 Insider Threat Analyst
9 hours ago
Role: L2 Insider Threat- IRM Analyst
We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for a skilled and experienced L2 Insider Threat- IRM Analyst.
As part of the Cyber Defence department, this role will investigate Insider Risk Management (IRM) cases that have been escalated by our L1 Insider Threat team. Reporting to the Insider Threat - IRM Operations Manager, the L2 Insider Threat- IRM Analyst role is suited to someone who has strong Microsoft Purview DLP and Insider Risk Management (IRM) analyst experience. It is a business facing role and requires working proactively with stakeholders and colleagues to investigate Insider Threat and IRM cases.
As the L2 Insider Threat- IRM Analyst, the primary responsibilities will be:
- Perform advanced analysis and investigation of Insider Threat and IRM cases across the various egress channels in both on premise and cloud environments.
- Analyse event/ case/ alert patterns to properly interpret and prioritise threats with available IRM and DLP tools and other data protection devices.
- Help Identify trends and drive requirements aimed at improving and enhancing existing IRM detection policies.
- Work closely with Cyber Defence teams such as the Global Security Operations Centre as well as Legal, Privacy and HR teams if necessary, during investigations and incidents.
- Prepare detailed reports on security incidents, investigations, and mitigation efforts.
- Contribute to the fine tuning of rules across the detection tools by highlighting pain points to the Insider Threat - IRM Operations Manager and Insider Threat Engineering Manager.
- Contribute to the development, improvement and review of operational documents.
Secondary responsibilities:
- Other relevant tasks as designated by the Insider Threat - IRM Operations Manager.
- Help coach and mentor L1 IRM Analysts.
- Provide support to projects and initiatives that enhance Insider Risk and IRM policies and standards.
What will you need:
- 2-6 years of experience in Cyber Security
- It is essential that you have in-depth experience within an L2 IRM/ DLP or Insider Threat Analyst role in a global enterprise organisation.
- Relevant Microsoft Qualifications for Purview IRM, Defender and DLP (like SC400/401, AZ 900).
- Excellent operational knowledge of Purview IRM, Defender and DLP.
- Excellent analytical and investigative skills to identify complex security issues and respond at the same level with a technical understanding of when to escalate impacting security events.
- Ability to identify trends and patterns in data usage behaviour.
- Must possess excellent oral communication and writing skills.
- Must be self-motivated and capable of independent work while operating in a geographically and culturally diverse peer group.
- Must possess good stakeholder management skills.
- Must exhibit a history of reliability and strong decision-making skills due to the trust imparted as an IRM analyst.
- Proficiency in using security tools and technologies such as Microsoft Sentinel SIEM, EDR and forensic analysis tools.
- Familiarity with KQL be beneficial for automating tasks and conducting advanced analysis.
Beneficial:
- Understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA).
- Industry certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Privacy Professional (CIPP).
- Prior experience in cyber security roles in areas such as incident response, threat detection or security operations.
- Understanding of risk scoring.
-
L2 Insider Threat Analyst
2 weeks ago
Mumbai, Maharashtra, India WTW Full timeRole: L2 Insider Threat- IRM Analyst We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for a skilled and experienced L2 Insider Threat- IRM Analyst. As part of the Cyber Defence department, this role will investigate...
-
09/08/2025 L2 Insider Threat Analyst
4 weeks ago
Mumbai, Maharashtra, India WTW Full timeRole: L2 Insider Threat- IRM AnalystWe are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for a skilled and experienced L2 Insider Threat- IRM Analyst.As part of the Cyber Defence department, this role will investigate...
-
Cytbersecurity Investigator
2 days ago
Mumbai, Maharashtra, India beBeeInsider Full time ₹ 1,59,12,900 - ₹ 2,45,87,000Internal Security InvestigatorA career opportunity exists for a seasoned Cyber Security professional to support our organization's Information Risk Management efforts. This role involves conducting in-depth investigations of potential insider threats and collaborating with various teams to analyze security incidents.Key Responsibilities:Perform advanced...
-
Cybersecurity Threat Analyst
4 days ago
Mumbai, Maharashtra, India beBeeSecurity Full timeJob Title: Cybersecurity Threat Analyst\We are seeking a highly skilled and experienced Cybersecurity Threat Analyst to join our team. As a key member of our security operations team, you will be responsible for analyzing and assessing cyber threats to protect our organization from potential risks.\Key Responsibilities:\\Conduct thorough threat analysis and...
-
Security Operations Center Analyst
4 weeks ago
Mumbai, Maharashtra, India Innova ESI Full timeRole : SOC Analyst.Shifts : Rotational.Exp : 5+ Yrs.Work from office : Mumbai.Mandatory skills : Splunk, SOC, EDR.Education : Any graduate (no Diploma).Level of interview : 2.Mode of interview : Virtual (MS Teams).JD : The SOC analyst is responsible for handling major security incidents escalated by SOC analyst and proactively identifying possible...
-
Threat Intelligence Lead
3 weeks ago
Mumbai, Maharashtra, India NMS Consultant Full timeJob DescriptionJob Purpose/Summary:The Identify Service Line is responsible for identifying, assessing and analyzing all of the cyber threats and vulnerabilities that can affect the Group. This Service Line is composed of three main activities:Cyber Threat Intelligence (CTI)Vulnerability AssessmentSandboxingKey Responsibilities:Lead will be hierarchically...
-
Cybersecurity Threat Hunter
1 day ago
Mumbai, Maharashtra, India beBeeFreelanceSOCAnalyst Full time ₹ 15,00,000 - ₹ 25,00,000Job OverviewWe are seeking an experienced Freelance SOC Analyst to join our team. As a Freelance SOC Analyst, you will be responsible for monitoring, analyzing, and investigating security alerts using SIEM tools.The ideal candidate should have hands-on experience in Security Operations Center (SOC) environments, with strong analytical and problem-solving...
-
Threat Intelligence Researcher
4 weeks ago
Mumbai, Maharashtra, India intellics global Full timeTypical Years of Experience : 8-12 yearsEducational Qualification : BE/BSC(Comp/IT) (or equivalent)Threat Intelligence & Researcher- Keep track of APTs groups (advanced persistent threats), Know APT Groups motivation, their tools & techniques, the malware they write, and C&C (command and control center), identify their targets.- Threat intelligence analyst...
-
Cybersecurity Expert
4 hours ago
Mumbai, Maharashtra, India beBeeIntelligence Full time ₹ 20,00,000 - ₹ 25,00,000Job DescriptionWe are seeking a seasoned Threat Intelligence Lead to join our team on a contract basis. As a Threat Intelligence Lead, you will be responsible for conducting sensitive internal investigations, performing in-depth background research and due diligence, and providing actionable intelligence on potential threats.This role involves leading...
-
Backup & Storage Engineer - L2 & L3
5 days ago
Mumbai, Maharashtra, India ITC Infotech Full timeBackup & Storage Engineer - L2 & L3 Location : Mumbai Mode: Hybrid Job Summary: L2 We are seeking a highly capable and experienced L2 Backup and Storage Engineer to manage the integrity and efficiency of enterprise data protection systems. This role involves proactive troubleshooting, root cause analysis, and optimization of backup and storage...