W

Insider Threat Analyst (L2)

Willis Towers Watson
Full-time
Remote friendly (Lisbon, Portugal)
Portugal
L2 Insider Threat Analyst - Hybrid (Lisbon, Portugal)

🕵️‍♀️ About the Company

WTW is an award-winning advisory, broking, and solutions company that helps clients around the world turn risk into a path for growth. With a rich history dating back to 1828, WTW has a global team of over +175 individuals based in Lisbon, dedicated to delivering operational excellence through innovation and streamlined solutions.

🛡️ The Role

We are seeking a passionate and experienced L2 Insider Threat Analyst to join our growing Cyber Security team. This role will be responsible for investigating Insider Threat and Data Loss Prevention (DLP) cases escalated by our L1 Insider Threat team. You will report to the Global Head of Insider Threat and work closely with various teams, including the Global Security Operations Centre, Legal, Privacy, and HR.

🤝 What You'll Do
  • 🕵️‍♀️ Perform advanced analysis and investigation of Insider Threat and DLP alerts across various egress channels.
  • 📈 Analyze event/alert patterns to properly interpret and prioritize threats.
  • 💡 Help identify trends and drive requirements to improve DLP and IRM detection policies.
  • 🤝 Collaborate with Cyber Defence teams, Legal, Privacy, and HR during investigations.
  • 📝 Prepare detailed reports on security incidents, investigations, and mitigation efforts.
  • ⚙️ Contribute to the fine-tuning of detection tools by highlighting pain points.
  • 📚 Contribute to the development, improvement, and review of operational documents.

➕ Secondary Responsibilities:
  • 🤝 Help coach and mentor L1 Insider Threat Analysts.
  • 💼 Provide support to projects that enhance Insider Risk and data protection policies.

💪 What We're Looking For
  • 💡 In-depth experience in a Senior DLP or Insider Threat Analyst role within a global enterprise organization.
  • 💻 Relevant Microsoft Qualifications for Purview DLP, Defender, and IRM.
  • 💪 Excellent operational knowledge of Purview DLP, Defender, and IRM.
  • 🧠 Strong analytical and investigative skills to identify complex security issues and respond effectively.
  • 📊 Ability to identify trends and patterns in data usage behavior.
  • 🗣️ Excellent oral communication and writing skills.
  • 💪 Self-motivated and capable of independent work within a geographically and culturally diverse team.
  • 🤝 Excellent stakeholder management skills.
  • 🏆 Proven history of reliability and strong decision-making skills.

✨ Nice to Have
  • 📚 Understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA).
  • 🏆 Industry certifications like CISSP or CIPP.
  • 💻 Proficiency in security tools and technologies (SIEM, EDR, forensic analysis tools).
  • 💻 Familiarity with KQL for automating tasks and advanced analysis.
  • 🛡️ Prior experience in cyber security roles like incident response, threat detection, or security operations.
  • 📊 Understanding of risk scoring.

🌟 What's in it for You?
  • 🤝 A professional, friendly, and easy-going work environment in a fast-growing European capital.
  • 💪 Dynamic and motivating colleagues.
  • 💰 An attractive, performance-related remuneration system.
  • 🌎 An international management consultancy and the security of a global corporation.
  • 🚀 Development opportunities with a steep learning curve and individual career development.
  • 🤝 Collaborative and supportive team environment.
  • 🤝 Direct customer contact.
  • 🎉 Corporate events to celebrate successes and community.

🤝 Willis Towers Watson is an equal opportunity employer. 

Application Closed.