To Apply for this Job Click Here
NOTE: This is a 100% remote position for residents of Southern California.
Lead Senior Forensic Specialist (Insider Threat / Digital Forensics)
Must Haves
- 7+ years of experience in Digital Forensics, Insider Threat, or Cybersecurity Investigations
- Hands-on experience with Magnet AXIOM (strong preference / highly desired)
- Experience with Cellebrite (Touch3, Mobile Ultra, Physical Analyzer) and/or Falcon NEO
- Proven experience conducting insider threat or employee-related investigations
- Strong ability to analyze data, investigate incidents, and produce defensible reports
- Experience working with HR and Legal stakeholders
- Familiarity with Microsoft Compliance Center and Microsoft Purview (Insider Threat, DLP)
- Experience with Splunk (search/querying) and/or Exabeam Advanced Analytics
- Relevant certification required:
- Certified Forensic Investigator OR Certified Insider Threat Specialist
Overview
Seeking a senior-level Forensic Specialist to support an Insider Threat program focused on internal investigations. This role is responsible for collecting, analyzing, and reporting on sensitive employee data to support HR and Legal-driven investigations. The position operates within a small, high-impact team and requires strong ownership and discretion.
Key Responsibilities
- Conduct digital forensic investigations related to employee misconduct, data exfiltration, fraud, and policy violations
- Collect and analyze data from systems including Exchange, SharePoint, Teams, and endpoint/user activity logs
- Utilize forensic tools such as Magnet AXIOM, Cellebrite, and Falcon NEO for data analysis
- Partner closely with Security Operations, Incident Response, HR, and Legal teams
- Produce clear, detailed, and defensible investigation reports for internal stakeholders
- Support insider threat detection and response using tools like Microsoft Purview, DLP, Exabeam, and Splunk
- Ensure all investigations are conducted in compliance with security, privacy, and legal standards
Nice to Have
- Experience in utility, energy, or regulated environments
- Background in Insider Threat / Insider Risk programs
- Experience working in highly sensitive or confidential investigation environments
Interested candidates may submit their resumes online or call at 310-906-4780 for further information regarding the position.
NS-SFSS-NS_1776646970