[Remote] Insider Risk Analyst - Intelligence & Analysis

Note:The job is a remote job and is open to candidates in USA. Microsoft is one of the largest enterprise service companies in the world, and they are seeking an Insider Risk Analyst to protect their people, data, and intellectual property. The role involves detecting, assessing, and responding to potential insider threats, analyzing data from multiple sources, and collaborating with various teams to ensure a timely response to risk events. Responsibilities Respond to detections and escalations related to Insider Threat Provide investigation support, including containment and remediation during insider threat incidents Identify, collect, and analyze essential data from a variety of sources to validate suspicious behaviors Ensure metrics are complete and accurate, and findings are documented in the case management system Coordinate investigation and mitigation steps with other internal teams across Microsoft globally Work closely with engineering and first-party product teams to author new detections or tune existing ones to improve alert quality Develop and maintain playbooks to improve processes, consistency, and information sharing across teams Skills Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field + OR equivalent experience Microsoft Cloud Background Check:This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter Customer Contract:This position requires verification of citizenship due to citizenship-based legal restrictions.Specifically, this position supports United States federal, state, and/or local government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, and as a condition of employment, the successful candidate's citizenship will be verified with a valid passport Controlled Technology:This role will require access to information that is controlled for export under export control regulations, potentially under the U.S.International Traffic in Arms Regulations or Export Administration Regulations, the EU Dual Use Regulation, and/or other export control regulations. As a condition of employment, the successful candidate will be required to provide proof of citizenship, U.S. permanent residency, or other protected status (e.g., under 8 U.S.C. 1324b(a)(3)) for assessment of eligibility to access the export-controlled information. To meet this legal requirement, and as a condition of employment, the successful candidate's citizenship will be verified with a valid passport.Lawful permanent residents, refugees, and asylees may verify status using other documents, where applicable Bachelor's Degree in Criminal Justice, Political science, National Security Studies (or related field) or 2+ years of hands-on experience in Counterintelligence, Insider Risk, Law Enforcement or Open Source Intelligence 1+ year(s) experience gathering, assessing, and synthesizing information from various sources to identify patterns, assess risk, and support investigative or intelligence-driven decisions 1+ year(s) experience working in a structured, process-driven environment with attention to detail, consistency, and disciplined execution in documentation and case management 1+ year(s) experience using Microsoft or equivalent enterprise security platforms (Sentinel, Defender, Purview) and data query languages, such as KQL or SQL Foundational understanding of investigative or intelligence tradecraft demonstrated through coursework, training, or documented use of information synthesis, evidence handling, or analytical writing Company Overview Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services.It was founded in 1975, and is headquartered in Redmond, Washington, USA, with a workforce of 10001+ employees. Its website is