We are UMG, the Universal Music Group. We are the world’s leading music company. In everything we do, we are committed to artistry, innovation and entrepreneurship. We own and operate a broad array of businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in more than 60 countries. We identify and develop recording artists and songwriters, and we produce, distribute and promote the most critically acclaimed and commercially successful music to delight and entertain fans around the world.
 

How you’ll LEAD:

Senior Insider Threat Analyst, Global Insider Threat Management reports to the Sr. Director, Global Insider Threat Management. The Senior Insider Threat Analyst will play a crucial role in identifying, analyzing, and mitigating potential insider threats that could compromise the security of our organization’s assets, data, and personnel.

The Senior Insider Threat Analyst will perform duties as assigned.

The Senior Insider Threat Analyst creates documentation for the tools and processes utilized by the Global Insider Threat Management Team. The Senior Insider Threat Analyst manages the Insider Threat Management collaboration OneDrive and Microsoft Team Channel. This role supports the other efforts in the Global Insider Threat Management, Security Operations and Business Resiliency Global Security Office (GSO).

How you’ll CREATE:

• Conduct in-depth investigations of suspected insider threat incidents, including unauthorized access, data exfiltration, and policy violations.
• Hands-on investigation and threat hunting in SIEM, UEBA and DLP tools.
• Prepare detailed reports on investigation findings, risk assessments, and recommended remediation actions.
• Assess potential insider threats by evaluating the risks associated with users, data, and systems.
• Perform insider risk assessments for global teams such as social engineering penetration tests, network penetration tests, and penetration testing of privileged access applications.
• Creates documentation for the tools and processes utilized by the Global Insider Threat Management team.
• Gathers documentation and manages the Global Insider Threat Management Team collaboration SharePoint site.
• Manages the Global Insider Threat Management Team collaboration OneDrive and Microsoft Team Channel.
• Organizes and facilitates cross-function insider threat project alignment with all applicable stakeholders to accomplish common goals.
• To assist with managing the pen test lifecycle from gathering requirements, working with the security researchers and engineers and filing the outcome of pen tests. Gathers all the information and statistics around pen tests and provides reporting. Works with the Vulnerability Management Team to file any outcome of the insider risk pen test assessments.
• Duties as assigned.
• Investigation and threat hunting skills
• Ability to work under pressure and handle multiple projects with tight deadlines across a global enterprise
• Self-motivated, detail oriented with analytical skills
• Good written and verbal communication skills, with the ability to convey complex technical information to non-technical stakeholders.
• High level of integrity and the ability to handle sensitive information with discretion
• Good interpersonal and group dynamic skills
• Strong collaborator and a team player
• Good ability to influence without explicit authority
• Willingness to participate in on-call rotations and respond to incidents outside of normal business hours if necessary.

Bring your VIBE:

• 3-5 years of experience in cybersecurity, information security, or a related field with a focus on insider threat analysis and investigation.
• Proven experience in digital forensics, incident response, or threat hunting.
• Hands-on investigation and threat hunting in SIEM (Security Information and Event Management), DLP (Data Loss Prevention), UEBA (User and Entity Behavior Analytics) and other relevant security technologies.
• Bachelor’s degree in Cybersecurity, Information Assurance, or related field.
• Experience with insider threat detection platforms like SIEM, DLP, and UEBA.
• Knowledge of relevant legal and regulatory requirements related to data protection and privacy.

#LI-remote

Perks Playlist:

• Be part of an entrepreneurial, global organization that values authenticity, drive, creativity, relationships, and a competitive spirit

• Comprehensive medical, dental, vision, and FSA options, as well as:

  • 100% coverage for out-patient mental health services

  • Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel, and so much more (up to $720/year)

  • A lifetime fertility support allowance of $30,000 to plan participants

  • Student Loan Repayment Assistance and Tuition Reimbursement

  • 100% immediately vested 401(k) match on the first 5% of your contribution on eligible compensation

• Variety of ways to prioritize much-needed time away from work including:

  • Flexible Paid Time Off (PTO) for exempt employees

  • 3-weeks PTO for non-exempt employees

  • 2-weeks paid Winter Break

  • 10 Company Holidays (including Juneteenth and Wellbeing Day)

  • Summer Fridays (between Memorial Day and Labor Day)

  • Generous paid parental leave for every type of parent

Check out our full overview of benefits on the Perks Playlist page of the career site.

Disclaimer: This job description only provides an overview of job responsibilities that are subject to change.

Universal Music Group is an Equal Opportunity Employer

We are an E-Verify employer in Alabama, Arizona, Georgia, Mississippi, North Carolina, South Carolina, Tennessee, and Utah.

For more information, please click on the following links.

E-Verify Participation Poster: English / Spanish

E-Verify Right to Work Poster: English | Spanish

Job Category:

Technology

Salary Range:

$116,890 - $125,050

The actual base salary offered depends on a variety of factors, which may include, as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.  All candidates are encouraged to apply.