Forensic Insider Threat Analyst
Johns Hopkins APL · Laurel, MD · Information Technology
About this role
Johns Hopkins APL is hiring a mid-level Security Analyst based in Laurel, MD. The posting calls out experience with Security, IAM, SIEM, Data Analytics.
- Role
- Security Analyst
- Function
- security
- Level
- mid
- Track
- Individual contributor
- Location
- Laurel, MD
- Department
- Information Technology
- Posted
- May 8, 2026
More roles at Johns Hopkins APL
Job description
from Johns Hopkins APL careersAre you interested in helping protect critical research, national security initiatives, and cutting-edge innovation from insider threats?
If so, join us at APL!
We are seeking a Forensic Insider Threat Analyst to help identify, investigate, and mitigate insider risk in a complex and highly collaborative research environment. In this role, you’ll leverage user activity monitoring, endpoint and identity telemetry, and forensic analysis to detect suspicious behavior and support sensitive investigations.
You’ll work across a large set of stakeholders—including IT, Information Security, Research Administration, Legal, HR, and leadership—to address potential risks with discretion and precision. Our team is focused on balancing strong security practices with privacy, mission needs, and the unique demands of sponsored research. If you’re curious, analytical, and motivated to solve complex security challenges, you’ll fit right in.
As a Forensic Insider Threat Analyst, you will…
- Monitor user activity and security telemetry to identify anomalous or high-risk behavior.
- Detect and investigate insider threat incidents, including data exfiltration, unauthorized access, credential misuse, intellectual property theft, and policy violations.
- Correlate data across sources such as SIEM, EDR, DLP, IAM, email, and endpoint logs to build comprehensive investigative timelines.
- Conduct digital forensic analysis while preserving evidence integrity and maintaining proper chain of custody.