Sr. Investigator, Cyber Security
About the role
The Senior Investigator role leads and supports investigations involving cyber incidents, insider risk, data loss, unauthorized disclosure, suspicious user activity, employee-related security concerns, high-risk users, and other sensitive matters requiring coordinated handling. This is an investigation-led role. The investigator will triage alerts, scope activity, collect and preserve evidence, correlate technical and behavioral indicators, document findings, brief stakeholders, and recommend proportionate mitigation actions. The role requires incident response judgment, strong documentation, discretion, and working knowledge of SIEM, SOAR, EDR, DLP, identity, endpoint, and threat intelligence tools.

Core Responsibilities

Cyber & Sensitive Investigations
- Lead and support investigations involving cyber incidents, insider-risk alerts, data misuse, policy violations, unauthorized disclosure, suspicious user activity, and other sensitive security matters
- Triage alerts, scope activity, identify affected users, systems, data, and business processes, and determine investigation priority based on risk and impact
- Prepare clear investigation summaries, findings, recommendations, and executive-ready updates for Cyber Security leadership, Legal, HR, Compliance, and business stakeholders

Threat Analysis
- Apply incident response methodology to assess suspicious activity, determine root cause, validate impact, and support containment or remediation actions
- Correlate endpoint, network, identity, cloud, email, and user-behavior evidence to distinguish benign activity from policy violations, compromise, or intentional misuse
- Use threat intelligence and investigative tooling to enrich cases, validate indicators, improve detections, and support proactive risk reduction

Insider Risk Detection & Management
- Identify and assess insider-risk indicators across DLP, UEBA, identity, endpoint, cloud, collaboration, and security monitoring platforms
- Investigate potential data exfiltration, unauthorized access, abnormal file movement, misuse of sensitive information, and risky behavior by employees, contractors, or privileged users
- Monitor high-risk scenarios including employee departures, role changes, privileged access, high-risk travel, sensitive projects, and repeat policy violations

Case Management, Evidence & Documentation
- Maintain complete case documentation from intake through closure, including timeline, evidence sources, investigative actions, findings, risk assessment, and mitigation decisions
- Preserve evidence integrity and maintain chain of custody where required for cyber, employee, legal, or compliance-sensitive matters
- Ensure cases are handled confidentially, consistently, and in alignment with company policy, privacy expectations, legal guidance, and HR direction

Cross-Functional Coordination & Mitigation
- Serve as a trusted investigation partner to Cyber Security, Legal, HR, Compliance, IT, business leadership, and other stakeholders involved in sensitive cases
- Coordinate escalation, containment, access changes, monitoring, employee action, clean-device workflows, post-travel review, or other mitigation steps with the appropriate owners
- Translate technical findings into clear business risk language for non-technical stakeholders while preserving investigative accuracy

- Experience in incident response, security operations, cyber investigations, threat intelligence, insider-risk investigations, or sensitive security matters with a focus on APT groups.
- Hands-on familiarity with SIEM, SOAR, EDR, DLP, case management, identity, endpoint, cloud, and threat intelligence platforms
- Experience briefing technical and non-technical stakeholders, including Cyber Security leadership, Legal, HR, Compliance, and executive audiences
- Background in operations security, information security, personnel security, physical security, intelligence, compliance, or security program management
- Strong written documentation, evidence handling, judgment, discretion, collaboration, and time-management skills; bilingual communication and cleared-environment experience are advantageous

Key Outcomes
- Consistent, defensible handling of cyber and sensitive employee-related investigations
- Earlier identification and mitigation of insider threat, data misuse, and human-driven security risk
- Improved investigation quality through better evidence collection, case documentation, and stakeholder reporting
- Stronger alignment between Cyber Security, Legal, HR, Compliance, IT, and business leadership on sensitive cases

As part of our selection process, external candidates may be required to attend an in-person interview with a VERSANT Media employee at one of our locations prior to a hiring decision.

VERSANT Media's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital