Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
AT&T

Lead Cybersecurity – Insider Risk Analyst, Telemetry, Insider Risk Detection, AI-Driven Security Operations

AT&T

Lead Cybersecurity Insider Risk Analyst at AT&T handling high-priority cybersecurity incidents and driving automation improvements. Oversee incident response and mentor team members to enhance security operations.

Posted 7/9/2026full-timeCharlotte • North Carolina • 🇺🇸 United StatesSenior💰 $141,300 - $211,900 per yearWebsite

Tech Stack

Tools & technologies
CloudCyber SecurityPythonSplunk

About the role

Key responsibilities & impact
  • Serve as lead handler for escalated insider risk and cyber incidents; establish investigation strategy, ensure timely execution, and drive incident closure.
  • Conduct deep-dive analysis of security events using telemetry, endpoint/network evidence, and threat intelligence to determine scope, impact, and root cause.
  • Create, tune, and deploy new detection rules and analytics aligned to evolving threats and suspicious behaviors; reduce false positives and improve signal-to-noise.
  • Perform targeted hunts to discover emerging behaviors and translate findings into actionable detections, controls, and playbooks.
  • Partner with IT and security stakeholders to drive containment, remediation, and recovery actions across endpoints, identities, and cloud services.
  • Contribute to incident response process improvements, documentation standards, and after-action reviews; support development of tabletop exercise scenarios.
  • Produce clear, concise updates for leadership (status, impact, risk, and next steps) and deliver required incident reports and post-incident summaries.
  • Coach and mentor analysts in triage and investigation practices; serve as a subject matter expert across the incident response organization.
  • Build and maintain integrations between multiple enterprise security tools to improve automation, asset inventory accuracy, vulnerability identification, and response workflows.
  • Implement AI-assisted monitoring and analytics to improve correlation, enrichment, prioritization, and triage of alerts; reduce manual effort and improve time to decision.
  • Develop and maintain risk-scoring approaches for endpoints and users based on security posture, vulnerabilities, and behavioral signals.
  • Produce trend analyses and operational health reporting (e.g., coverage, agent health, patch/compliance drift, and incident patterns) and translate results into improvement actions.
  • Develop and maintain automation via APIs, scripting, and orchestration to support agent deployment/upgrade workflows, compliance checks and remediation, rapid scoping, containment support, targeted remediation, and continuous control validation.

Requirements

What you’ll need
  • 5+ years of hands-on cybersecurity experience in incident response, security operations, insider risk, threat detection, or a closely related function.
  • Demonstrated experience leading or handling escalated incidents, including triage, investigation, containment, remediation, and post-incident reporting in complex enterprise environments.
  • Proficiency with security telemetry and investigation workflows across endpoint and network data sources; experience using SIEM analytics (e.g., Splunk) and EDR tooling.
  • Working knowledge across multiple domains such as host analysis, network forensics, cloud environments, UEBA/anomaly detection, intrusion detection, threat research/intelligence, detection engineering, and data analysis.
  • Ability to develop or maintain automation using scripting (e.g., Python, PowerShell, Bash) and/or APIs to improve security operations.
  • Strong written and verbal communication skills, including the ability to produce executive-ready summaries and lead discussions with technical and non-technical stakeholders.
  • Demonstrated integrity and discretion in handling sensitive investigations and confidential data.

Benefits

Comp & perks
  • Medical/Dental/Vision coverage
  • 401(k) plan
  • Tuition reimbursement program
  • Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
  • Paid Parental Leave
  • Paid Caregiver Leave
  • Additional sick leave beyond what state and local law require may be available but is unprotected
  • Adoption Reimbursement
  • Disability Benefits (short term and long term)
  • Life and Accidental Death Insurance
  • Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
  • Employee Assistance Programs (EAP)
  • Extensive employee wellness programs
  • Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
CybersecurityIncident ResponseThreat DetectionSecurity OperationsData AnalysisAutomation ScriptingSIEM AnalyticsEndpoint ForensicsNetwork ForensicsRisk Scoring
Soft Skills
Written CommunicationVerbal CommunicationCoachingMentoringIntegrity