2. Jobs
  3. Insider Threat Analyst
Job Detail

Insider Threat Analyst

Royal London · GB
Others Full–time
ID: #9419
Posted: 2026-03-17
Apply Link
Salary

Description

Job Title: Insider Threat Analyst Contract Type: Permanent Location: Edinburgh OR Glasgow OR Alderley Edge Working style: Hybrid 50% home/office based Closing date: 10th April 2025 Our Security Operations team is growing and have opportunities for Insider Threat Analysts in Edinburgh / Glasgow / Alderley Edge. We monitor and manage potential threat and real data loss events in key business areas. These are exciting opportunities to join a growing organisation and work on a variety of new security tooling and technologies    The successful candidates will be responsible for managing and improving detection engineering, Data handling, Data Loss Prevention systems, investigate alerts, and work with teams across Cyber Security, IT, Legal, and Compliance to reduce data security risks and ensure regulatory compliance. Developing the posture of the detections and collaborating with key stakeholders. About the role  • Assist with Designing and implement insider threat detections based on behavioural indicators and real-world risk scenarios. • Identify gaps in current monitoring capabilities and propose new detections to address those gaps. • Translate insider risk scenarios into practical alerting logic and monitoring rules across security platforms. • Assist with investigations involving insider risk, data / access misuse, fraud and employee misconduct. • Conduct investigative interviews and behavioural assessments. • Analyse behavioural, financial and technical indicators to determine intent and impact. • Build and mature workflows across Insider Risk, fraud prevention, misconduct handling and case management. • Develop and refine triage models, escalation standards and investigation lifecycle processes. • Partner with technical teams to improve alerting, detection logic and data visibility across monitoring platforms. • Identify control gaps and implement practical improvements to reduce risk exposure. • Develop and maintain playbooks and operational standards. • Contribute to executive-level reporting and risk insight. • Ensure monitoring and investigative activities align with privacy and regulatory requirements.    About you  • Experience in Data Loss Prevention, Security Operations, or Cyber Security monitoring. • Detection engineering skills and use case development lifecycle management. • Exposure to fraud or whistleblowing investigations. • Experience refining detection use cases or improving alert quality. • Strong communication skills. • Hands-on experience with Microsoft Purview or similar tooling. • Experience with Microsoft 365 security tools or cloud security. • Knowledge of insider risk, digital forensics, or behavioural analytics. • Relevant certifications (e.g. Security+, CCSP, CISSP, Microsoft SC-400. • Experience working in a SOC or operational security environment. About Royal London We’re the UK’s largest mutual life, pensions and investment company, offering protection, long-term savings and asset management products and services. Our People Promise to our colleagues is that we will all work somewhere inclusive, responsible, enjoyable and fulfilling. This is underpinned by our Spirit of Royal London values; Empowered, Trustworthy, Collaborate, Achieve. We've always been proud to reward employees by offering great workplace benefits such as 28 days annual leave in addition to bank holidays, an up to 14% employer matching pension scheme and private medical insurance. You can see all our benefits here - Our Benefits Inclusion, diversity and belonging We’re an Inclusive employer. We celebrate and value different backgrounds and cultures across Royal London. Our diverse people and perspectives give us a range of skills which are recognised and respected – whatever their background.

Hard Skills 0

No hard skills extracted

Soft Skills 0

No soft skills extracted

Apply Options
Publisher Direct Link
WIBF Jobs No Apply
WIBF Jobs No Apply
LinkedIn No Apply
Adzuna No Apply
Jobijoba UK No Apply
Cyber Vacancies, Cyber Security Talent Specialists. No Apply
Job Offers And Employment No Apply
Jobilize No Apply
Recruit.net Yes Apply
API Logs for this Job
Query Country Status Response ms Created
Insider Threat Analyst fallback 463 2026-03-21 20:48
graduate data analyst in Edinburgh gb processed 8213 2026-03-21 16:46
Raw JSON 
{
  "job_id": "XlOFKTKwl4-2JVUSAAAAAA==",
  "job_city": null,
  "job_state": null,
  "job_title": "Insider Threat Analyst",
  "job_salary": null,
  "job_country": "GB",
  "job_benefits": null,
  "job_latitude": 55.953252,
  "job_location": "Edinburgh",
  "job_onet_soc": "15112200",
  "apply_options": [
    {
      "is_direct": false,
      "publisher": "WIBF Jobs",
      "apply_link": "https://jobs.wibf.org.uk/job/46965/insider-threat-analyst/?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic"
    },
    {
      "is_direct": false,
      "publisher": "LinkedIn",
      "apply_link": "https://uk.linkedin.com/jobs/view/insider-threat-analyst-at-royal-london-4386776429?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic"
    },
    {
      "is_direct": false,
      "publisher": "Adzuna",
      "apply_link": "https://www.adzuna.co.uk/jobs/details/5670369708?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic"
    },
    {
      "is_direct": false,
      "publisher": "Jobijoba UK",
      "apply_link": "https://www.jobijoba.co.uk/detail/92/e52dbe6f894f3857bff83dc4f077e9de?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic"
    },
    {
      "is_direct": false,
      "publisher": "Cyber Vacancies, Cyber Security Talent Specialists.",
      "apply_link": "https://www.cybervacancies.com/job-search/11223/insider-threat-analyst/incident-response/edinburgh/job?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic"
    },
    {
      "is_direct": false,
      "publisher": "Job Offers And Employment",
      "apply_link": "https://gb.trabajo.org/job-3972-4d37a86dc9dd8c60a78f44cc7d28eeca?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic"
    },
    {
      "is_direct": false,
      "publisher": "Jobilize",
      "apply_link": "https://www.jobilize.com/amp/job/gb-midlothian-edinburgh-insider-threat-analyst-scotland-royal-london?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic"
    },
    {
      "is_direct": true,
      "publisher": "Recruit.net",
      "apply_link": "https://www.recruit.net/job/insider-threat-analyst-jobs/382C2B2FE5370528?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic"
    },
    {
      "is_direct": null,
      "publisher": "WIBF Jobs",
      "apply_link": "https://jobs.wibf.org.uk/job/46965/insider-threat-analyst/"
    }
  ],
  "employer_logo": "https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSepmA_4MlCLgAgWTnRYb1uPOw-wpNidkeYgfF4&s=0",
  "employer_name": "Royal London",
  "job_is_remote": false,
  "job_longitude": -3.1882669999999997,
  "job_posted_at": "4 days ago",
  "job_publisher": "WIBF Jobs",
  "job_apply_link": "https://jobs.wibf.org.uk/job/46965/insider-threat-analyst/?utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic",
  "job_highlights": {},
  "job_max_salary": null,
  "job_min_salary": null,
  "job_description": "Job Title: Insider Threat Analyst\n\nContract Type: Permanent\n\nLocation: Edinburgh OR Glasgow OR Alderley Edge\n\nWorking style: Hybrid 50% home/office based\n\nClosing date: 10th April 2025\n\nOur Security Operations team is growing and have opportunities for Insider Threat Analysts in Edinburgh / Glasgow / Alderley Edge. We monitor and manage potential threat and real data loss events in key business areas. These are exciting opportunities to join a growing organisation and work on a variety of new security tooling and technologies   \n\nThe successful candidates will be responsible for managing and improving detection engineering, Data handling, Data Loss Prevention systems, investigate alerts, and work with teams across Cyber Security, IT, Legal, and Compliance to reduce data security risks and ensure regulatory compliance. Developing the posture of the detections and collaborating with key stakeholders.\n\nAbout the role \n• Assist with Designing and implement insider threat detections based on behavioural indicators and real-world risk scenarios.\n• Identify gaps in current monitoring capabilities and propose new detections to address those gaps.\n• Translate insider risk scenarios into practical alerting logic and monitoring rules across security platforms.\n• Assist with investigations involving insider risk, data / access misuse, fraud and employee misconduct.\n• Conduct investigative interviews and behavioural assessments.\n• Analyse behavioural, financial and technical indicators to determine intent and impact.\n• Build and mature workflows across Insider Risk, fraud prevention, misconduct handling and case management.\n• Develop and refine triage models, escalation standards and investigation lifecycle processes.\n• Partner with technical teams to improve alerting, detection logic and data visibility across monitoring platforms.\n• Identify control gaps and implement practical improvements to reduce risk exposure.\n• Develop and maintain playbooks and operational standards.\n• Contribute to executive-level reporting and risk insight.\n• Ensure monitoring and investigative activities align with privacy and regulatory requirements.\n\n  \n\nAbout you \n• Experience in Data Loss Prevention, Security Operations, or Cyber Security monitoring.\n• Detection engineering skills and use case development lifecycle management.\n• Exposure to fraud or whistleblowing investigations.\n• Experience refining detection use cases or improving alert quality.\n• Strong communication skills.\n• Hands-on experience with Microsoft Purview or similar tooling.\n• Experience with Microsoft 365 security tools or cloud security.\n• Knowledge of insider risk, digital forensics, or behavioural analytics.\n• Relevant certifications (e.g. Security+, CCSP, CISSP, Microsoft SC-400.\n• Experience working in a SOC or operational security environment.\n\nAbout Royal London\n\nWe’re the UK’s largest mutual life, pensions and investment company, offering protection, long-term savings and asset management products and services.\n\nOur People Promise to our colleagues is that we will all work somewhere inclusive, responsible, enjoyable and fulfilling. This is underpinned by our Spirit of Royal London values; Empowered, Trustworthy, Collaborate, Achieve.\n\nWe've always been proud to reward employees by offering great workplace benefits such as 28 days annual leave in addition to bank holidays, an up to 14% employer matching pension scheme and private medical insurance. You can see all our benefits here - Our Benefits\n\nInclusion, diversity and belonging\n\nWe’re an Inclusive employer. We celebrate and value different backgrounds and cultures across Royal London. Our diverse people and perspectives give us a range of skills which are recognised and respected – whatever their background.",
  "job_google_link": "https://www.google.com/search?q=jobs&gl=gb&hl=en&udm=8#vhid=vt%3D20/docid%3DXlOFKTKwl4-2JVUSAAAAAA%3D%3D&vssid=jobs-detail-viewer",
  "employer_website": "https://www.royallondon.com",
  "job_onet_job_zone": "4",
  "job_salary_period": null,
  "job_apply_is_direct": false,
  "job_employment_type": "Full–time",
  "job_employment_types": [
    "FULLTIME"
  ],
  "job_posted_at_timestamp": 1773705600,
  "job_posted_at_datetime_utc": "2026-03-17T00:00:00.000Z"
}