Engineer II - Insider Threat

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
Position Summary:
The Engineer II, Insider Threat, is a mid-level technical role within the Cyber Defense organization responsible for monitoring, investigating, and responding to risks posed by malicious, negligent, or compromised insiders. This role conducts investigative analysis of user activity, escalates complex cases, and supports the development of detection and monitoring capabilities. The Engineer II will also play a key role in administering and tuning Data Loss Prevention (DLP) technologies, ensuring that sensitive data is safeguarded against unauthorized disclosure. The Engineer II will collaborate with Human Resources, Legal, Compliance, and Corporate Security on sensitive investigations and contribute to the continuous improvement of the insider threat program.
Primary Duties and Responsibilities

• Monitor and analyze user activity logs, alerts, and behavioral indicators to identify potential insider threats.
• Conduct investigations into moderate-complexity insider threat cases, including data misuse, exfiltration, fraud, and policy violations.
• Administer, monitor, and tune Data Loss Prevention (DLP) technologies to detect and prevent unauthorized movement of sensitive data.
• Investigate and respond to DLP alerts, escalating incidents when necessary with clear documentation and supporting evidence.
• Support the development and refinement of insider threat detection rules, analytics, and use cases.
• Contribute to the creation and improvement of playbooks and investigative workflows, including DLP-related scenarios.
• Collaborate with HR, Legal, and Corporate Security to ensure coordinated responses to insider incidents.
• Document findings and prepare clear reports for management and other stakeholders.
• Share knowledge with Engineer I analysts and contribute to team training efforts.
• Participate in awareness and deterrence initiatives by providing technical input to educational campaigns

Education and Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Behavioral Science, or equivalent work experience.
• Knowledge of insider threat detection methodologies, user activity monitoring, DLP, and investigative practices.
• Familiarity with privacy, compliance, and employment standards (e.g., GDPR, HIPAA, SOX, CCPA).

Preferred Certifications

• Certified Insider Threat Program Manager (CITPM) or Certified Insider Threat Vulnerability Assessor (CITVA)
• GIAC Cyber Threat Intelligence (GCTI)
• CompTIA Security+ or CySA+
• Certified Ethical Hacker (CEH)

Work Experience

• 3-5 years of progressive experience in cybersecurity, investigations, or risk management, with at least 1-2 years dedicated to insider threat or DLP operations.
• Hands-on experience with insider threat monitoring platforms, behavioral analytics, and DLP tools.
• Demonstrated ability to handle confidential investigations with discretion.
• Strong communication and writing skills for documenting findings and Briefing Stakeholders.

What Cencora offers
We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora
Full time
Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email [email protected]. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned
Affiliated Companies
Affiliated Companies: AmerisourceBergen Services Corporation