Sr. Investigator, Cyber Security

Job Description

The Senior Investigator role leads and supports investigations involving cyber incidents, insider risk, data loss, unauthorized disclosure, suspicious user activity, employee-related security concerns, high-risk users, and other sensitive matters requiring coordinated handling.

This is an investigation led role. The investigator will triage alerts, scope activity, collect and preserve evidence, correlate technical and behavioral indicators, document findings, brief stakeholders, and recommend proportionate mitigation actions. The role requires incident response judgment, strong documentation, discretion, and working knowledge of SIEM, SOAR, EDR, DLP, identity, endpoint, and threat intelligence tools.

Core Responsibilities

Cyber & Sensitive Investigations

• Lead and support investigations involving cyber incidents, insider-risk alerts, data misuse, policy violations, unauthorized disclosure, suspicious user activity, and other sensitive security matters
• Triage alerts, scope activity, identify affected users, systems, data, and business processes, and determine investigation priority based on risk and impact
• Prepare clear investigation summaries, findings, recommendations, and executive-ready updates for Cyber Security leadership, Legal, HR, Compliance, and business stakeholders

Threat Analysis

• Apply incident response methodology to assess suspicious activity, determine root cause, validate impact, and support containment or remediation actions
• Correlate endpoint, network, identity, cloud, email, and user-behavior evidence to distinguish benign activity from policy violations, compromise, or intentional misuse
• Use threat intelligence and investigative tooling to enrich cases, validate indicators, improve detections, and support proactive risk reduction

Insider Risk Detection & Management

• Identify and assess insider-risk indicators across DLP, UEBA, identity, endpoint, cloud, collaboration, and security monitoring platforms
• Investigate potential data exfiltration, unauthorized access, abnormal file movement, misuse of sensitive information, and risky behavior by employees, contractors, or privileged users
• Monitor high-risk scenarios including employee departures, role changes, privileged access, high-risk travel, sensitive projects, and repeat policy violations

Case Management, Evidence & Documentation

• Maintain complete case documentation from intake through closure, including timeline, evidence sources, investigative actions, findings, risk assessment, and mitigation decisions
• Preserve evidence integrity and maintain chain of custody where required for cyber, employee, legal, or compliance-sensitive matters
• Ensure cases are handled confidentially, consistently, and in alignment with company policy, privacy expectations, legal guidance, and HR direction

Cross-Functional Coordination & Mitigation

• Serve as a trusted investigation partner to Cyber Security, Legal, HR, Compliance, IT, business leadership, and other stakeholders involved in sensitive cases
• Coordinate escalation, containment, access changes, monitoring, employee action, clean-device workflows, post-travel review, or other mitigation steps with the appropriate owners
• Translate technical findings into clear business risk language for non-technical stakeholders while preserving investigative accurac

Qualifications

• Experience in incident response, security operations, cyber investigations, threat intelligence, insider-risk investigations, or sensitive security matters with a focus on APT groups.
• Hands-on familiarity with SIEM, SOAR, EDR, DLP, case management, identity, endpoint, cloud, and threat intelligence platforms
• Experience briefing technical and non-technical stakeholders, including Cyber Security leadership, Legal, HR, Compliance, and executive audiences
• Background in operations security, information security, personnel security, physical security, intelligence, compliance, or security program management
• Strong written documentation, evidence handling, judgment, discretion, collaboration, and time-management skills; bilingual communication and cleared-environment experience are advantageous

Key Outcomes

• Consistent, defensible handling of cyber and sensitive employee-related investigations
• Earlier identification and mitigation of insider threat, data misuse, and human-driven security risk
• Improved investigation quality through better evidence collection, case documentation, and stakeholder reporting
• Stronger alignment between Cyber Security, Legal, HR, Compliance, IT, and business leadership on sensitive cases

Additional Information

As part of our selection process, external candidates may be required to attend an in-person interview with a VERSANT Media employee at one of our locations prior to a hiring decision. VERSANT Media's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.

For LA County and City Residents Only: VERSANT Media will consider for employment qualified applicants with criminal histories, or arrest or conviction records, in a manner consistent with relevant legal requirements, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, where applicable.

If you are a qualified individual with a disability or a disabled veteran and require support throughout the application and/or recruitment process as a result of your disability, you have the right to request a reasonable accommodation. You can submit your request to [email protected].

VERSANT Media is committed to fair and equitable compensation practices. We include a good faith pay range for each position to comply with applicable state and local pay transparency laws and to promote equity across our organization. Actual compensation will be based on factors such as the candidate's skills, qualifications, experience, and location and may include additional forms of compensation and benefits such as health insurance, retirement plans, paid time off, etc.

VERSANT Media is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at VERSANT via-email, the Internet, or in any form and/or method without a valid written Statement of Work in place for this position from VERSANT's Talent Acquisition team will be deemed the sole property of VERSANT. No fee will be paid in the event the candidate is hired by VERSANT as a result of the referral or through other means.