Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

Insider Threat Analysis

Responsible for identifying and assessing the capabilities and activities of cybersecurity insider threats; produces findings to help initialize and support law enforcement and counterintelligence activities and investigations.

Jump to:

Insider Threat Analysts detect insider threats by analyzing behavioral patterns and correlating anomalous activities. They preserve digital evidence, provide intelligence, and coordinate strategic responses to protect critical assets.

What You'll Do

Behavioral Threat Detection

Detect insider threats by analyzing behavioral patterns, assessing anomalous activities, and identifying potential cybersecurity risks.

Evidence Network Intelligence

Collect and preserve digital evidence, perform detailed network analysis, and integrate intelligence from multiple cybersecurity sources.

Strategic Risk Coordination

Coordinate strategic risk mitigation responses, develop insider threat briefings, and advise internal and external cybersecurity partners.

Similar Roles

Threat Analysis (OPM 141)

NICE: Protection and Defense

Responsible for collecting, processing, analyzing, and disseminating cybersecurity threat assessments. Develops cybersecurity indicators to maintain awareness of the status of the highly dynamic operating environment.

Explore learning path

Digital Forensics (OPM 212)

NICE: Protection and Defense

Responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.

Explore learning path

Cyber Resiliency

NICE: Protection and Defense

This Competency Area describes a learner’s capability related to architecting, designing, developing, implementing, and maintaining the trustworthiness of systems that use or are enabled by cyber resources in order to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises.

Explore learning path

Vulnerability Analysis (OPM 541)

NICE: Protection and Defense

Responsible for assessing systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.

Explore learning path

Infrastructure Support (OPM 521)

NICE: Protection and Defense

Responsible for testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for cybersecurity.

Explore learning path

Defensive Cybersecurity (OPM 511)

NICE: Protection and Defense

Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.

Explore learning path

Incident Response (OPM 531)

NICE: Protection and Defense

Responsible for investigating, analyzing, and responding to network cybersecurity incidents.

Explore learning path

Need more guidance about cyber roles?

There are numerous different roles in cybersecurity and where you fit depends on your interest level. SANS New to Cyber offers courses, certifications, and free resources for anyone interested in getting started in cybersecurity.

Explore New to Cyber