Forensic Insider Threat Analyst
$100kJohns Hopkins Applied Physics Laboratory (APL)
Are you interested in helping protect critical research, national security initiatives, and cutting-edge innovation from insider threats?
If so, join us at APL!
We are seeking a Forensic Insider Threat Analyst to help identify, investigate, and mitigate insider risk in a complex and highly collaborative research environment. In this role, you’ll leverage user activity monitoring, endpoint and identity telemetry, and forensic analysis to detect suspicious behavior and support sensitive investigations.
You’ll work across a large set of stakeholders—including IT, Information Security, Research Administration, Legal, HR, and leadership—to address potential risks with discretion and precision. Our team is focused on balancing strong security practices with privacy, mission needs, and the unique demands of sponsored research. If you’re curious, analytical, and motivated to solve complex security challenges, you’ll fit right in.
As a Forensic Insider Threat Analyst, you will…
- Monitor user activity and security telemetry to identify anomalous or high-risk behavior.
- Detect and investigate insider threat incidents, including data exfiltration, unauthorized access, credential misuse, intellectual property theft, and policy violations.
- Correlate data across sources such as SIEM, EDR, DLP, IAM, email, and endpoint logs to build comprehensive investigative timelines.
- Conduct digital forensic analysis while preserving evidence integrity and maintaining proper chain of custody.
- Document findings in clear, defensible reports to support investigations and decision-making.
- Leverage behavioral indicators and detection logic to enhance early identification of insider threats.
- Support containment and remediation efforts in coordination with IT security and incident response teams.
- Analyze access patterns involving sensitive research data, proprietary information, and regulated datasets.
- Provide case support for matters involving export-controlled research, sponsored programs, and sensitive personnel concerns.
- Recommend improvements to security controls, policies, and awareness efforts to reduce insider risk.
- Contribute to the growth and maturity of the Insider Threat Program, including workflows, case management, and metrics.
Qualifications
Minimum Qualifications
- Bachelor’s degree in cybersecurity, digital forensics, computer science, information systems, criminal justice, or a related field, or equivalent experience.
- 2 or more years of experience in cybersecurity, digital forensics, insider threat analysis, or security investigations.
- Hands-on experience with user activity monitoring platforms and security analytics tools.
- Experience analyzing logs and data from SIEM, EDR, DLP, IAM, and endpoint systems.
- Strong understanding of forensic methods, evidence handling, and investigative documentation.
- Ability to analyze complex datasets, identify patterns, and communicate findings clearly.
- Experience working with confidential information and maintaining discretion.
- This position may require occasional after-hours support for active incidents or urgent investigations.
- Strong written and verbal communication skills.
- Are able to obtain Secret level security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.
Desired Qualifications
- Experience in higher education, research institutions, healthcare, life sciences, engineering, or similarly complex environments.
- Familiarity with protecting classified information, intellectual property, research data, and controlled or sensitive information.
- Knowledge of privacy, employment, monitoring, and data governance requirements in a private-sector academic environment.
- Certifications such as GCITP, GCFA, GCFE, CHFI, CISSP, CISM, or related credentials.
- Experience supporting investigations involving email abuse, cloud platforms, and collaboration tools.
- The research center seeks a detail-oriented security professional who can protect critical research assets while supporting a collaborative and national security mission-driven environment.
About Us
Why Work at APL?
The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation’s most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates.
At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL’s campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at .
All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact View email address on apply.j-vers.com .
The referenced pay range is based on JHU APL’s good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and/or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis.
Minimum Rate $100,000 Annually Maximum Rate $245,000 Annually
$100k - $245k
Johns Hopkins Applied Physics Laboratory in Laurel, Maryland, seeks a Forensic Insider Threat Analyst to identify and mitigate insider risks. This position leverages user activity monitoring and forensic analysis across collaborative environments. Key qualifications include...Suggested- ...Threat Analyst We are seeking a proactive and analytical Threat Analyst to join our team and play a critical role in identifying, analyzing, and mitigating potential threats. In this role, you will monitor emerging risks, assess vulnerabilities, and develop actionable...SuggestedTemporary workFor contractorsImmediate startFlexible hours
$150k - $225k
...the life: We are seeking an Emerging Threats Cyber Analyst to support cybersecurity threat research... ...Science, Information Systems, Network Forensics, or a related field; equivalent... ...information security, network forensics, insider threat, or security operations. Knowledge...SuggestedSummer holidayImmediate start- ...Risk Management Program (IRMP) by designing, implementing, and maintaining comprehensive insider threat detection and mitigation capabilities. The Insider Threat Program Analyst will develop and operationalize policies, systems, and practices to detect, deter, and respond...SuggestedContract workFor contractors
- Itlearn360 is seeking a Security Operations Center (SOC) Analyst to enhance our cybersecurity team in Beltsville, Maryland. Ideal candidates will possess strong analytical skills and hands-on experience in monitoring and defending enterprise systems. A TS/SCI clearance...Suggested
$7.5k
...Job Brief Forensic, vulnerability Job Description Are you VIGILANT about your career? RealmOne definitely is! RealmOne was... ...Cryptanalytic Computer Scientists, Cryptologic Cyber Planners, Intrusion Analysts, Protocol Analysts, Signals Analysts and Reverse Engineers,...Contract workWork experience placementImmediate startFlexible hours- ...Position Overview Far Ridgeline Engagements LLC, a Qinetiq US company, is seeking a Threat Finance Analyst, Mid-Level in Elkridge, MD. The Threat Finance Analyst will use their expertise to analyze program financial data, conduct threat analysis on client financial...
$31.44 - $43.26 per hour
...collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world...Flexible hours$115.44k - $186.16k
...related to US Financial Crimes Prevention and Operations, focused on U.S. KYC operations, but may also include US Fraud Management, Insider Threat Management and Investigations, and Physical Security. Depth & Scope: Recognized as top level expert within the...Local areaWork from homeFlexible hours$100k
...someone like you to join our team at APL. We are seeking a missile effectiveness analyst to characterize and evaluate tactical missile system performance against complex and emergent threats. We are a hardworking team of analysts who support a wide range of government...Interim role- ...Summary IT Veterans is seeking a Security Operations Center (SOC) Analyst to join our growing cybersecurity team. This role is ideal for... ...events across multiple platforms to identify potential threats or vulnerabilities. Escalate and coordinate incident response...
$80k - $128k
Responsibilities Peraton is seeking an experienced CIRT Tier 1 Analyst to join Peratons' Federal Strategic Cyber Mission program. Location... ...principles Knowledge of cybersecurity principles, practices, threats, and vulnerabilities Knowledge of incident response principles...Contract workLocal areaShift work$105k
...looking for someone like you to join the Air Combat and Strike Mission Analysis Group! As an Air-to-Air Modeling & Simulation Analyst you will… Analyze the effectiveness and employment of airborne systems operating in complex environments using tools such as AFSIM...Temporary workFor contractorsWork experience placementInterim roleRelocation packageFlexible hours$85k
...paced environment? If so, we'd love for you to join our team at APL! We’re looking for a motivated Junior Space Kill Chain Analyst to join a small, high-impact team focused on advanced modeling and simulation for space orbital warfare and kill-chain scenarios....Temporary workWork experience placementWork at officeRelocation packageFlexible hours$100k
...for someone like you to join our team at APL. We are seeking a skilled and hard-working missile defense command and control analyst to join the Cross-Domain Battle Management group in the Air and Missile Defense Sector. In this role, you will be using your skills...Temporary workFor contractorsWork experience placementRelocation packageFlexible hours$105k
...so, we're looking for someone like you to join the Air Combat and Strike Mission Analysis Group! We are seeking a Senior AFSIM Analyst to help us evaluate and define solutions to enable the U.S. military to conduct strike warfare and air combat operations in complex...Temporary workFor contractorsWork experience placementInterim roleRelocation packageFlexible hours$100k
...physicists, mathematicians, and computer scientists are engaged in an extensive portfolio of projects with the U.S. military. Our analysts support the acquisition, maintenance, and assessment of various aircraft and weapon assets. We want you to join our team, and provide...Temporary workWork experience placementInterim roleRelocation packageFlexible hours$73.74k - $153.16k
...Job Description SOSi is seeking a Chinese Operational Language Analyst to join a team of Intelligence Community professionals... ...analysis. Identification and characterization of Network Operations threat actors. Additional Information Working Conditions Working conditions...Full timeWork at officeWorldwideNight shift- ...Automation Analyst Location: Mount Laurel, NJ Must Have Technical/Functional Skills Perform comprehensive API testing (REST, SOAP) using tools such as TOSCA API Engine, Postman and RestAssured. Design, develop and maintain automated test cases using Tricentis Tosca. Define...
$99k - $225k
...Job Number: R0239234 SIGINT Analyst The Opportunity: Are you energized by solving hard technical problems? Do you get lost, in the best way, in waveforms, network behaviors, and the challenge of uncovering what's hidden in the noise? If decoding complex signals...Full timeContract workPart timeWork at officeLocal areaImmediate startRemote workFlexible hoursNight shift- ...Overview / Job Responsibilities Entarian is hiring IT Audit Analyst to support the NAVSUP OIS IT team. The ideal candidate is solution‑oriented, driven, and enjoys collaborating with bright IT engineers on a highly‑visible, technically‑challenging project. We are looking...Work at officeRemote work
$46.51 - $60.6 per hour
...directly manage multiple specialized and various functional teams (e.g. application development, solutions designers, business systems analysts, support, technology project management etc.) and be responsible for seamless management of ongoing infrastructure support shared...$60.8k - $86.64k
Compensation And Benefits Manager Holman is a family-owned, global automotive services organization anchored by our deeply rooted core values and principles that have enabled us to continue Driving What's Right throughout the last century. Our teams deliver the Holman...Hourly payFull timeTemporary workPart timeWork experience placementLocal areaFlexible hours$103.8k - $218.1k
...Job Title: Chinese Operational Language Analyst Job Category: Language Services Time Type: Full time Minimum Clearance Required to Start... ...Identification and characterization of Network Operations threat actors This position is contingent on funding and may not be filled...Full timeContract workWork experience placementImmediate startFlexible hours$10k
...engineering hardware and/or software, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and systems administration. Completion of military training in a...Hourly payFull timeContract workTemporary workWork experience placementSummer workImmediate start- ...Zachary Piper Solutions is hiring an SOC Analyst II to support a client in the technology and cloud security industry in Fulton, MD.... ...security operations Familiarity with modern security frameworks, threat detection, and investigative methodologies Compensation...Long term contract2 days per week
$225k - $245k
...Exploitation Analyst $225K to $245K TS/SCI and Full Scope Required You will combine analytic and technical expertise to understand... ..., vulnerability analysis, penetration testing, and/or computer forensics. Experience with Jupyter Notebooks and Python scripting....$75k - $136.49k
...Program Analyst Groundswell is a premier technology integrator and solution provider, resolutely committed to solving the most complex challenges facing federal agencies today. Ours is a small company culture with big company reach and results. Are you ready to be audacious...Contract workLocal areaImmediate startFlexible hours$64.23k - $80.5k
...Program Analyst Seize your opportunity to make a personal impact as a Program Analyst supporting NAVAIR Ship and Air Integrated Warfare (SAIW) Division. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career. At GDIT...Contract workTemporary workWork experience placementWork at officeRemote workWork from homeFlexible hours- Cardiac Monitoring Technician RhythMedix is growing rapidly, and looking to add staff in key positions so we may continue to support our goal of providing improved clinical outcomes and customer service to our clients, resulting in excellent patient care and increased...Shift work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Forensic Insider Threat Analyst. Be the first to apply!


