O pozici
We’re looking for someone who sees what others miss.
An inquisitive and highly analytical Insider Risk Analyst - Cyber Security who doesn’t just follow patterns—but questions them. Someone who is naturally curious about human behavior, data anomalies, and the subtle signals that indicate when something isn’t quite right.
In this role, you’ll join our Insider Risk Unit , where you’ll help protect the organization from risks that originate within . You’ll work at the intersection of security, technology, and human behavior —monitoring user activity, analyzing access patterns, and investigating anomalies that could impact our intellectual property and critical assets.
But this isn’t just about detection. You’ll collaborate closely with teams across the business —including Human Resources, Legal, and IT —to ensure investigations are handled thoughtfully, ethically, and in line with company standards. Your work will directly influence how security is embedded into our operations and technology platforms.
You’ll report directly to our Insider Risk Manager on a hybrid work schedule.
Co budeš dělat
- Monitor & Triage: Continuously monitor security telemetry using SIEM, DLP (Data Loss Prevention), and UEBA (User and Entity Behavior Analytics) tools to identify high-risk, anomalous behavior.
- Investigate: Conduct detailed investigations into potential insider threats, including intellectual property theft, data exfiltration, credential misuse, and policy violations.
- Collaborate: Partner cross-functionally with HR, Legal, Compliance, and Physical Security teams to resolve incidents while respecting employee privacy.
- Report & Present: Document investigative findings and work with investigators to provide clear reports for key stakeholders and senior management.
- Threat Hunting: Proactively analyze data pipelines and detection logic to enhance early identification of internal risks and develop new detection use cases.
Koho hledáme
- Bachelor’s degree from an accredited institution in technical discipline such as science, technology, engineering, mathematics, or equivalent experience
- 3 - 5 years of progressive experience in Information Security, Insider Threat Operations, Cybersecurity Engineering or Architecture roles.
- Working knowledge of User Activity Monitoring (UAM), DLP, and SIEM platforms (e.g., Splunk, Microsoft Purview/Sentinel). Expertise in cloud security architectures (Azure, AWS), secure development lifecycle, cryptography, and incident response.
- Strong ability to connect seemingly unrelated events, identify behavioral indicators, and apply critical thinking to complex, ambiguous scenarios.
- Proficiency with security tools and technologies including a working knowledge of Splunk.
- Excellent judgment and the ability to handle highly sensitive, confidential information with professionalism and tact.
Benefity
- Enjoy 25 vacation days per year
- Meal allowance
- Benefit Plus Cafeteria Card available to all employees
- Recondition days (sick days)
- To promote health and wellbeing we provide life insurance coverage, employer contribution to Pension saving scheme or long-term investment product (DIP)
- Multisport Card, Makro Card, discount at T-Mobile tariffs and multiple discount programs in our partner network
- 3 plus 2 hybrid work arrangement to support your work-life balance
- Flexible working hours
- Work in international environment
- Recognition and Referral bonus programs
- Employee Assistance Program - Free and confidential service to help with any difficulties regarding work, life and personal or family matters
- Honeywell Learning and Development Center – learning platform with over 10,000 courses from Udemy
- Frequent Employee Engagement activities fostering an inclusive and diverse work environment
- Global employee networks to help you connect and grow
- Comprehensive induction, ongoing training, and development to set you up for success, in-house and external learning platforms supporting development opportunities
