Sr. Insider Risk Analyst

GENERAL SUMMARY

Our Information Security Team is responsible for identifying potential threats against the Bank and its workforce from internal and external threat actors and developing strategies to mitigate those threats to protect the Bank’s reputation, workforce, clients, and assets.

The Insider Risk Analyst supports the Insider Risk Program by monitoring and triaging insider-risk alerts, conducting multi-source analysis to determine context and risk, and documenting findings for appropriate escalation. Additionally, the Insider Risk Analyst will assist in assessing exfiltration paths, tuning security tools and policies, and providing Information Security training and awareness to the organization. This role partners closely with Human Resources, Legal, other Information Security teams, and Information Technology to coordinate investigations, recommend mitigation actions, and help ensure activities are performed in accordance with data privacy, legal, and regulatory requirements.

ESSENTIAL FUNCTIONS

• Lead triage of insider-risk alerts generated by monitoring use cases and tools; validate activity, gather context, and determine appropriate disposition in accordance with approved procedures.
• Respond to DLP alerts, monitor DLP consoles and analyze security events to identify potential data loss incidents.
• Lead in-depth investigations of suspected insider threat incidents, including unauthorized access, data exfiltration, and policy violations.
• Regularly review and fine-tune DLP and UEBA rules/policies to reduce false positives and improve detection accuracy.
• Develop and implement insider threat detection use cases, alert rules, and incident response playbooks.
• Assess potential insider threats by evaluating the risks associated with users, data, and systems.
• Prepare clear case documentation and facilitate timely escalation or referral to investigators, HR, Legal, or other SMEs when thresholds are met; track outcomes and support coordination of mitigation actions.
• Lead interviews with the business units and monitor external intelligence sources for notable insider-risk indicators and emerging tactics; contribute to analysis of trends to inform detection tuning and response playbooks.
• Create and advocate for Team Member training and awareness on cybersecurity risks and best practices; design and track phishing simulation campaigns.
• Support program governance by authoring documentation (e.g., procedures, roles and responsibilities, and control evidence) and by adhering to the established control environment.
• Collaborate with stakeholders across the Bank and, as applicable, with external partners to stay abreast of industry trends and best practices in insider-risk monitoring, investigations, and privacy-aligned analytics.

QUALIFICATIONS

Education:    

• Undergraduate degree in Intelligence Studies, Forensic Science, Security Studies, Computer Science, Cybersecurity, Data Analysis or a related field or equivalent experience.
• Behavioral Science/ Behavioral Analysis/Behavioral Threat Assessment experience or training preferred.

Experience:  

• Minimum 5+ years of work experience supporting insider threat/insider risk, investigations, security operations, fraud, or risk analysis.
• Preferred experience in or knowledge of financial industry.
• Experience in or knowledge of fraud.
• Preferred experience with User Activity Monitoring (UAM), User Behavior Analytics (UBA) principles and tools, rules and policy engines, other insider threat technical solutions and data analytics platforms. 
• Preferred experience supporting an insider threat/risk program or investigative team by assessing complex events, building narratives from multiple data sources, and recommending mitigation actions in coordination with cross-disciplinary partners.
• Preferred experience conducting risk assessments and in-depth multi-source research on threat actors, tactics, techniques, and emerging trends to inform risk scenarios, evaluate control environment and develop mitigation strategies.

Skills/Ability: 

• Demonstrates the ability to work effectively with a diverse range of stakeholders across various levels of the organization. 
• Applies foundational elicitation skills, including building rapport, active listening, and asking thoughtful, open-ended questions to gather information. 
• Utilizes strong critical thinking skills to analyze information, solve problems, and make informed decisions. 
• Exhibits creativity in approaching challenges and developing innovative solutions. 
• Maintains a high level of confidentiality and exercises sound judgment and discretion when handling sensitive information.
• Ability ro build successful and sustainable relationships across all lines of business and with technical partners to develop solutions
• Ability to manage multiple cases and priorities simultaneously, meet deadlines, and maintain thorough, well-organized documentation
• Demonstrates analytical rigor and creativity to solve complex problems, identify meaningful patterns in data, and deliver practical, risk-based recommendations.

Technical:

• Knowledge of DLP — network, endpoint, cloud; as one data source in the ecosystem
• Knowledge of OSINT concepts — collection, managed attribution, legal boundaries
• Knowledge of MITRE ATT&CK — TTPs mapped to insider threat scenarios
• Awareness of privacy law constraints on monitoring (CCPA, state laws)
• Knowledge of insider threat laws and regulations
• Knowledge of networking (TCP/IP, DNS, DHCP, HTTP/S)
• Knowledge of risk management processes and frameworks
• Knowledge of OS fundamentals — user activity logs, file systems, process behavior 
• Knowledge of IP addressing, DNS resolution, basic network flow logs
• Knowledge of CMU threat categories: IP theft, sabotage, fraud, espionage, unintentional
• Knowledge of information collection tools and techniques 

ON-GOING TRAINING

• Each team member is required to complete all required training including Compliance and Bank Secrecy Act/Anti-Money Laundering training suitable to his or her position within the Bank.
• Achievement of or willingness to pursue Insider Threat (e.g., CERT Insider Threat Program Manager, CCITP, GCITP, etc.), Counterintelligence, analytical and/or security (e.g., Security+, Network+, CEH) tradecraft training and certifications

OTHER DETAILS

$74,900 – $86,800 / year 
Pay determined based on job-related knowledge, skills, experience, and location.
This position may be eligible for a discretionary bonus.

Cathay Bank offers its full-time employees a competitive benefits package which is a significant part of their total compensation. It is our goal to provide employees with a comprehensive benefits package to fit their needs which includes, coverage for medical insurance, dental insurance, vision insurance, life insurance, long-term disability insurance, and flexible spending accounts (FSAs), health saving account (HSA) with company contributions, voluntary coverages, and 401(k). 

Cathay Bank may collect personal information from potential job candidates and applicants. For more information on how we handle personal information and your applicable rights, please review our California Job Applicant Privacy Policy.

Cathay Bank is an Equal Opportunity and Affirmative Action Employer. We welcome applications for employment from all qualified candidates, regardless of race, color, ethnicity, ancestry, citizenship, gender, national origin, religion, age, sex (including pregnancy and related medical conditions, childbirth and breastfeeding), reproductive health decision-making, sexual orientation, gender identity and expression, genetic information or characteristics, disability or medical condition, military status or status as a protected veteran, or any other status protected by applicable law.

Click here to view the “Know Your Rights: Workplace Discrimination is Illegal” Poster:
Poster- English

Poster- Spanish 

Poster- Chinese Traditional 
Poster- Chinese Simplified

Cathay Bank endeavors to make www.CathayBank.comaccessible to any and all users.  If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact, Mickey Hsu, FVP, Employee Relations Manager, at (626) 582-7370 or mickey.hsu@cathaybank.com.  This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.