Insider Threat Prevention Investigator (Remote)
Job Description
Airbnb was born in 2007 when two Hosts welcomed three guests to their San Francisco home, and has since grown to over 4 million Hosts who have welcomed more than 1 billion guest arrivals in almost every country across the globe. Every day, Hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way. The mission of the Airbnb Global Safety & Security (GSS) team is to ensure the safety and security of our Airfam as well as provide peace of mind for Airbnb’s global community through proactive security risk management. You will work with seasoned professionals who have extensive experience developing, implementing and leading world class security programs, to include Global Security Operations, Global Security Intelligence Center, Law Enforcement Operations, Risk Intelligence, Trust & Safety Advisory Coalition, Executive Protection, Global Travel Risk Management, Global Special Events, and Global Threat Assessment Program. The Difference You Will Make
The Insider Threat Prevention Investigator reports directly to the Insider Threat Prevention & Investigations Program Manager, and will be responsible for identifying and investigating potential threats against Airbnb and its workforce from internal and external actors, and operationalizing strategies to mitigate those threats to protect Airbnb’s workforce, assets and reputation. As an Insider Threat Prevention Investigator, you will have experience in:
- Cybersecurity Principles: A solid understanding of platforms such as Windows, Mac OS, and Google OS. While not required to be a security engineer, you must be proficient in assessing event logs, dual authentication logs, and other security data.
- Leading Investigations: Managing investigations from initiation to completion.
- Interviewing: Conducting interviews with victims, witnesses, and suspects.
- Stakeholder Engagement: Facilitating meetings with key stakeholders, including InfoSec, HR, Employee Relations, Legal, and Engineering.
- Case Management: Handling cases end-to-end, ensuring thorough documentation and effective follow-through.
A typical day
- Identify, assess, and investigate insider risk incidents and behaviors of concern, providing mitigation recommendations for highly complex problems.
- Develop and coordinate investigative plans using open source intelligence and technical tools to gather and analyze evidence.
- Lead incident management coordination as an incident commander.
- Conduct sensitive interviews of victims, witnesses and persons of interest during investigations, both virtually and in person.
- Document investigative results in an articulate manner utilizing case management software to ensure accurate reporting, tracking and documentation of workplace violence incidents and behaviors of concern through the entire lifecycle of the incident.
- Participant and partner with stakeholders to identify new opportunities and solutions that will aid in the mitigation of insider risks.
- Conduct comprehensive after action reviews to identify and implement best practices and lessons learned.
- Develop and maintain relationships with multi-disciplinary teams comprised of Talent, Employee Relations, Legal, Cybersecurity and Technology, business leaders and external partners.
- Develop and refine associated policies, procedures and other documentation that are in accordance with data privacy and legal requirements and expectations.
- Provide program analytics and case management to enable the detection, identification, and assessment of concerning behaviors and develop strategies to mitigate risks identified.
- Communicate complex insider risk threat issues in a way that is understandable to cross functional partners who may have limited experience in the field.
Your expertise
- 8+ years of hands-on insider threat investigations experience in law enforcement, counterintelligence, or private sector industry equivalent.
- 4+ years experience in Industry supporting an insider risk mitigation and remediation; conducting complex coordination of projects and initiatives to close identified vulnerabilities with organizational leads and owners.
- Experience interviewing insider risk actors, witnesses and impacted individuals.
- High competency with industry standards of workplace investigations, employment legal considerations, and practices related to the confidentiality and integrity of information.
- Experience in insider threat incident triage, coordinating cross-functional response, and performing investigations across both digital and human domains.
Our Commitment To Inclusion & Belonging
Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply.