This is an exciting opportunity for a technically strong cybersecurity professional looking to take the next step into a leadership role. As Detection Engineering Lead (Insider risk), you will play a central role in helping define and build a scalable insider risk management program from the ground up. You'll bring your hands-on experience in incident response, threat detection, and forensic analysis to lead investigations and develop processes for detecting and responding to insider threats. This role is ideal for someone ready to expand their scope beyond technical execution and start owning strategy, process design, and stakeholder collaboration.
In this role, you'll work closely with cross-functional teams, including HR, Legal, Cybersecurity, and Technology, to assess insider risks, manage cases, and implement mitigation strategies. You'll also have the chance to mentor junior analysts, shape tooling and workflows, and grow your leadership skills while making a real impact. If you're ready to step up, lead with influence, and build something meaningful, this is the role for you.
Essential Duties and Responsibilities:
- Building a well-structured, resilient insider threat program that aligns with business goals and security standards will be central to your success.
- Success in this role means developing and maintaining effective automations, workflows, tools, and processes that enable the team to detect and respond to high-risk insider activities with speed and precision.
- You'll excel by working closely with cross-functional teams, ensuring insider risks are accurately classified, reported, and resolved while enhancing incident response procedures.
- Your ability to serve as a reliable point of contact for insider risk matters will foster a collaborative, organization-wide approach, ensuring timely updates and smooth alignment with senior leadership.
- You'll demonstrate impact by implementing and overseeing monitoring systems that surface behavioral anomalies, enabling early identification of suspicious insider activities.
- You'll help the organization stay one step ahead by working with awareness teams to identify emerging threat tactics and promote behaviors that reduce the risk of data loss or misuse.
- Your ability to break down complex security challenges into clear, understandable messages will empower leaders across the organization to act with confidence.
- Success in this role means effectively coordinating with Business Units, Security Operations, HR, Legal, and Compliance teams to ensure insider risks are addressed holistically and remediated efficiently, while maintaining strict confidentiality and professionalism in all investigative and advisory activities.
- A key measure of success will be your ability to create and maintain meaningful use cases in UEBA and monitoring tools that enable early detection and prioritization of risky behaviors.
- By defining relevant metrics and KPIs, you'll help senior leadership clearly understand program health and progress; your ability to translate data into insights will set you apart.
- You'll elevate the team's detection capabilities by continuously refining rules, analytics, and detection logic that adapt to evolving threats.
- Your strategic mindset will shine as you align the insider risk program roadmap with organizational priorities, ensuring long-term relevance and impact.
- You'll demonstrate strong investigative instincts by identifying and scoping insider risks through detailed analysis, evidence collection, and sound judgment.
- Your ability to monitor unauthorized activities while maintaining strict adherence to legal and privacy guidelines will ensure investigative integrity and regulatory compliance.
- Evaluating and refining behavioral detection models will be key to your success in staying ahead of shifting insider threat patterns and false positive fatigue.
- Your written communication will stand out as you produce intelligence reports that clearly synthesize diverse data points into actionable insights.
- You'll align your team's projects and goals with the broader organizational strategy, ensuring your insider risk program supports and advances enterprise priorities.
- Your mentorship will drive the growth of junior analysts, building a strong team culture rooted in continuous learning and development.
Qualifications:
- 5 years of experience in information security, including hands-on work in insider threat, incident response, threat hunting, and forensic analysis.
- 2 years of experience leading or significantly contributing to an insider threat management program.
- Experience conducting end-to-end investigations involving qualitative and quantitative data, forensic analysis, stakeholder interviews, and sensitive material handling.
- When submitting your resume, please include the word apple in the message to the hiring team section.
- Prior experience in healthcare or high-regulation environments preferred, but not required.
- Strong understanding of cybersecurity principles, digital forensics, behavioral analytics, and network security.
- Expertise in insider threat detection tools and technologies such as UEBA, SIEM, DLP, and EDR.
- Comprehensive knowledge of email security, OS forensics, data loss prevention, and network monitoring.
- Proficiency in scripting and automation (e.g., Python, Bash, Go, PowerShell).
- Familiarity with cloud security principles and platforms, including AWS, GCP, and/or Azure.
- Proven ability to develop and implement insider threat detection strategies, write detection signatures, and enhance SOC processes.
- Experience building workflows and governance documentation aligned with insider threat frameworks and industry best practices.
- Excellent analytical, problem-solving, and decision-making skills, especially when handling complex or ambiguous situations.
- Exceptional communication and interpersonal skills, with the ability to convey technical information to both technical and non-technical audiences, including senior leadership and legal counsel.
- Strong interpersonal maturity, with the ability to influence, collaborate, and build trust across diverse teams.
- Proven ability to work independently while aligning to organizational and client objectives.
Additional Information:
Hybrid Work Model: At Guardant Health, we have defined days for in-person/onsite collaboration and work-from-home days for individual-focused time. All U.S. employees who live within 50 miles of a Guardant facility will be required to be onsite on Mondays, Tuesdays, and Thursdays. We have found aligning our scheduled in-office days allows our teams to do the best work and creates the focused thinking time our innovative work requires. At Guardant, our work model has created flexibility for better work-life balance while keeping teams connected to advance our science for our patients.
The US base salary range for this full-time position is $108,800 to $149,600. The range does not include benefits and, if applicable, bonus, commission, or equity. The range displayed reflects the minimum and maximum target for new hire salaries across all US locations for the posted role, with the exception of any locations specifically referenced below (if any).
Within the range, individual pay is determined by work location and additional factors, including, but not limited to, job-related skills, experience, and relevant education or training. If you are selected to move forward, the recruiting team will provide details specific to the factors above.
Employee may be required to lift routine office supplies and use office equipment. Majority of the work is performed in a desk/office environment; however, there may be exposure to high noise levels, fumes, and biohazard material in the laboratory environment. Ability to sit for extended periods of time.
Guardant Health is committed to providing reasonable accommodations in our hiring processes for candidates with disabilities, long-term conditions, mental health conditions, or sincerely held religious beliefs. If you need support, please reach out to
Guardant Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status, and will not be discriminated against on the basis of disability.
All your information will be kept confidential according to EEO guidelines.
To learn more about the information collected when you apply for a position at Guardant Health, Inc. and how it is used, please review our Privacy Notice for Job Applicants.
Please visit our career page at: Work :
Yes
Employment Type:
Full-time