L2 Insider Threat Analyst

3 weeks ago


Mumbai, Maharashtra, India WTW Full time

Role: L2 Insider Threat- IRM Analyst

We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for a skilled and experienced L2 Insider Threat- IRM Analyst.

As part of the Cyber Defence department, this role will investigate Insider Risk Management (IRM) cases that have been escalated by our L1 Insider Threat team. Reporting to the Insider Threat - IRM Operations Manager, the L2 Insider Threat- IRM Analyst role is suited to someone who has strong Microsoft Purview DLP and Insider Risk Management (IRM) analyst experience. It is a business facing role and requires working proactively with stakeholders and colleagues to investigate Insider Threat and IRM cases.

As the L2 Insider Threat- IRM Analyst, the primary responsibilities will be:

  • Perform advanced analysis and investigation of Insider Threat and IRM cases across the various egress channels in both on premise and cloud environments.
  • Analyse event/ case/ alert patterns to properly interpret and prioritise threats with available IRM and DLP tools and other data protection devices.
  • Help Identify trends and drive requirements aimed at improving and enhancing existing IRM detection policies.
  • Work closely with Cyber Defence teams such as the Global Security Operations Centre as well as Legal, Privacy and HR teams if necessary, during investigations and incidents.
  • Prepare detailed reports on security incidents, investigations, and mitigation efforts.
  • Contribute to the fine tuning of rules across the detection tools by highlighting pain points to the Insider Threat - IRM Operations Manager and Insider Threat Engineering Manager.
  • Contribute to the development, improvement and review of operational documents.

Secondary responsibilities:

  • Other relevant tasks as designated by the Insider Threat - IRM Operations Manager.
  • Help coach and mentor L1 IRM Analysts.
  • Provide support to projects and initiatives that enhance Insider Risk and IRM policies and standards.

What will you need:

  • 2-6 years of experience in Cyber Security
  • It is essential that you have in-depth experience within an L2 IRM/ DLP or Insider Threat Analyst role in a global enterprise organisation.
  • Relevant Microsoft Qualifications for Purview IRM, Defender and DLP (like SC400/401, AZ 900).
  • Excellent operational knowledge of Purview IRM, Defender and DLP.
  • Excellent analytical and investigative skills to identify complex security issues and respond at the same level with a technical understanding of when to escalate impacting security events.
  • Ability to identify trends and patterns in data usage behaviour.
  • Must possess excellent oral communication and writing skills.
  • Must be self-motivated and capable of independent work while operating in a geographically and culturally diverse peer group.
  • Must possess good stakeholder management skills.
  • Must exhibit a history of reliability and strong decision-making skills due to the trust imparted as an IRM analyst.
  • Proficiency in using security tools and technologies such as Microsoft Sentinel SIEM, EDR and forensic analysis tools.
  • Familiarity with KQL be beneficial for automating tasks and conducting advanced analysis.

Beneficial:

  • Understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA).
  • Industry certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Privacy Professional (CIPP).
  • Prior experience in cyber security roles in areas such as incident response, threat detection or security operations.
  • Understanding of risk scoring.


  • Mumbai, Maharashtra, India beBeeCybersecurity Full time ₹ 15,00,000 - ₹ 25,00,000

    Job DescriptionLead advanced threat detection and response activities by analyzing network traffic, malware behavior, and forensic artifacts to identify complex incidents.Develop and optimize SIEM use cases, correlation rules, and dashboards to enhance incident management workflows.Investigate and respond to escalated incidents from L2 analysts, performing...


  • Mumbai, Maharashtra, India MitKat Advisory Full time ₹ 11,00,000 - ₹ 12,00,000 per year

    LOCATION : Mumbai (India)DATE : 15 SEP, 2025JOB TYPE :FULL TIME, OnsiteCTC :11-12 LPAAbout The JobJob DescriptionWe are looking for a Threat Intelligence Analyst to join our team in Mumbai. The ideal candidate will be responsible for .Our ambition: Enable C-suites to act faster, smarter, and with absolute confidence—driving rapid digital transformation in...


  • Mumbai, Maharashtra, India beBeeCybersecurity Full time ₹ 9,00,000 - ₹ 12,00,000

    **Job Overview:**The Cybersecurity Threat Analyst is a key player in safeguarding an organization's digital assets by proactively monitoring and analyzing security alerts to identify potential threats.**Responsibilities:Closely monitor and analyze security alerts to promptly identify and respond to high-priority threats, ensuring swift resolution of critical...


  • Mumbai, Maharashtra, India beBeeThreat Full time ₹ 60,000 - ₹ 80,000

    Job Title: Cybersecurity Threat Intelligence AnalystJob Summary:We are seeking a skilled Cybersecurity Threat Intelligence Analyst to join our team. The ideal candidate will have experience in threat hunting and management of security tools.Key Responsibilities:Install, configure, and manage FleetDM and OSQuery across the organization.Work with...

  • Junior Soc Analyst

    1 week ago


    Mumbai, Maharashtra, India Wysetek Systems Technologists Full time ₹ 6,00,000 - ₹ 12,00,000 per year

    "We are looking for passionate Junior SOC Analyst to kickstart their cybersecurity journey "Key Responsibilities:• Monitor and analyze security events, perform initial incident triage (L1) under supervision. • Assist in developing basic detection rules and documenting findings.• Support senior analysts in incident response and threat investigations.•...


  • Mumbai, Maharashtra, India beBeeThreat Full time ₹ 15,70,000 - ₹ 22,55,000

    Job Opportunity:Job DescriptionWe are seeking a highly skilled Cybersecurity Threat Analyst to join our team. As a key member of our cybersecurity department, you will play a crucial role in identifying and mitigating potential security threats to our digital assets.Main Responsibilities:Monitor and analyze security event logs from various sources, including...

  • SOC Analyst

    3 weeks ago


    Mumbai, Maharashtra, India Totl RPO Solutions LLP Full time

    Job DescriptionRole- SOC AnalystJob Description & Summary:We are seeking a professional to join our Cybersecurity and Privacy services team, where youwill have the opportunity to help clients implement effective cybersecurity programs that protect against threats.Job Position Title: Associate /Senior Associate Level_SOC_Skill_Managed...


  • Navi Mumbai, Maharashtra, India beBeeCybersecurity Full time ₹ 20,00,000 - ₹ 30,00,000

    Job DescriptionWe are seeking a skilled professional to join our security team as an Advanced Threat Detection and Response Specialist. In this role, you will play a critical part in protecting our clients' endpoints from sophisticated cyber threats.The ideal candidate will possess strong technical skills, excellent communication abilities, and a proven...


  • Navi Mumbai, Maharashtra, India Reyika Full time US$ 1,25,000 - US$ 1,75,000 per year

    Cybersecurity LeadWe are looking for a highly skilled and experiencedSecurity Lead.Responsibilities:Incident Response Leadership : Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting.Operational Oversight : Oversee day-to-day SOC operations, including...


  • Mumbai, Maharashtra, India NTT DATA Full time US$ 90,000 - US$ 1,20,000 per year

    Exp.- 8 to 14 yrsNotice - Immediate Joiners neededLocation - Mumbai, Airoli, 5 days onsite - RotationalDomain - BFSI, Financial SectorKey Skills - Cyble, Threat intelligence, Brand Monitoring/Protection, Dark Web threat Analysis, Fortirecon & Cloudsek, daily & weekly reports.Education - B.E/B.Tech, MCA, BSC(IT/Computer)Deep understanding of cloud attack &...