Senior Analyst - Insider Threat (Remote)

Achieving our goals starts with supporting yours. Grow your career, access top-tier health and wellness benefits, build lasting connections with your team and our customers, and travel the world using our extensive route network.

Come join us to create what’s next. Let’s define tomorrow, together.

Description

Connecting People. Uniting the World. There’s never been a more exciting time to join United Airlines! As a global company that operates in hundreds of locations around the world — with millions of customers and tens of thousands of employees — we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly.
We’re on a path to becoming the best airline in aviation history. Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in cyber safety, security and resilience. United's CDR team plays a critical role in protecting our operations by enabling secure and resilient systems, managing threats and vulnerabilities, and ensuring swift response and recovery. Our mission is to seamlessly embed cybersecurity and digital risk management into every aspect of our business. We help drive progress and growth through trusted digital solutions, safeguarding assets and empowering our team, all while promoting a cyber-safe and secure environment that supports resilient airline operations.
United offers a competitive benefits package aimed at keeping you happy, healthy, and well-traveled. From employee-run "Business Resource Group" communities to world-class benefits like parental leave, 401(k), and privileges like space-available travel, United is truly a one-of-a-kind place to work. Are you ready to travel the world and help us keep our airline cyber safe? Apply today!
 

Job overview and responsibilities

The Senior Analyst, Insider Threat, is responsible for advancing detection capabilities and improving the quality and effectiveness of insider threat monitoring. This role focuses on designing, tuning, and operationalizing detection logic to increase alert fidelity and drive measurable improvements in actionable insider threat alerts. The position partners closely with Cybersecurity, Data Protection, HR, and Legal to ensure detections align to risk priorities and business context. This role plays a critical part in evolving the Insider Threat Program from reactive alerting to scalable, intelligence-driven detection.

• Detection Engineering & Alert Fidelity Optimization: Design, build, and continuously refine insider threat detection logic, use cases, and analytics to improve signal quality. Focus on reducing false positives and increasing the percentage of actionable insider threat alerts.
• Alert Triage, Investigation, & Feedback Loop: Lead triage and investigation of insider threat alerts, applying structured methodologies to assess risk Translate investigation outcomes into detection improvements, ensuring a continuous feedback loop between operations and engineering.
• Detection Strategy & Use Case Development: Develop and implement a scalable detection strategy aligned to key insider threat risks (i.e., data exfiltration, employee exit risk, misuse). Identify gaps and prioritize new detection use cases to expand coverage and effectiveness
• Threat Hunting & Advanced Analytics: Conduct proactive threat hunting using behavioral, endpoint, and data activity signals to identify emerging insider risks. Translate findings into new detection use cases and improvements to existing detection logic.
• Cross-Functional Partnership: Partner with Data Protection, Legal, HR, and Cyber teams to ensure detections are risk-aligned, context-aware, and operationally actionable. Incorporate business context and investigation requirements into detection design to improve alert fidelity and response effectiveness.
   

Qualifications

What’s needed to succeed (Minimum Qualifications):

• Bachelor's degree required (Cybersecurity, Information Technology, Computer Science majors preferred)
• 3+ years in STEM-related field
• Strong experience with insider threat detection methodologies, behavioral analytics, and risk indicators 
• Proven ability to design, tune, and operationalize detection logic to improve alert quality and reduce noise 
• Experience working with DLP, UEBA, or related telemetry to identify and investigate insider risk activity 
• Analytical mindset with ability to translate investigation outcomes into detection improvements 
• Understanding of data classification, data movement patterns, and exfiltration techniques 
• Ability to measure and improve detection effectiveness (i.e., alert fidelity, actionable alert rate)
• Strong collaboration and communication skills to influence cross-functional stakeholders
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

What will help you propel from the pack (Preferred Qualifications):

• Master's degree
• Certifications such as CISA, Security +
• Hands-on experience with DLP platforms, insider risk tools, or detection engineering workflows 
• Experience using Splunk for Insider Threat  
• Familiarity with M365 / Purview, endpoint telemetry, or cloud activity monitoring 
• Experience building metrics or KPIs to track detection performance and program maturity 
• Knowledge of automation or scripting to support detection tuning and scaling
   

Posting End Date 7/27/2026

The base pay range for this role is $112,480.00 to $146,540.00.

The base salary range/hourly rate listed is dependent on job-related, factors such as experience, education, and skills. This position is also eligible for bonus and/or long-term incentive compensation awards.

You may be eligible for the following competitive benefits: medical, dental, vision, life, accident & disability, parental leave, employee assistance program, commuter, paid holidays, paid time off, 401(k) and flight privileges.

United Airlines is an Equal Opportunity Employer. We recruit, employ, train, compensate, and promote without regard to race, color, religion, national origin, gender identity, sexual orientation, disability, age, veteran status, or any other protected category under applicable law. We provide reasonable accommodations for applicants and employees with disabilities. To request an accommodation, contact

JobAccommodations@united.com