Remote Risk Data Analyst Jobs

Peraton is seeking an Insider Risk & Data Protection Engineer to join the Insider Risk and Data Protection (IR/DLP) Team within Corporate Security Compliance & Risk. This is an individual contributor role focused on the day-to-day technical execution of the enterprise Data Loss Prevention (DLP) program, digital activity reviews, and response to data spills and compromises involving Controlled Unclassified Information (CUI) and other sensitive data.

The analyst will work closely with the IR/DLP team, Cybersecurity, Legal, HR, Privacy, and program security stakeholders to detect, investigate, and remediate insider risk and data protection events. Ideal candidates are technically hands-on, detail-oriented, exercise strong discretion, and are comfortable operating defensible investigative processes in a regulated government-contracting environment.

Responsibilities

DLP Administration & Program Expansion

• Administer, tune, and expand coverage of the enterprise DLP platform(s) across endpoint, email, network, cloud, and SaaS channels.

• Build, test, and refine DLP policies, rules, classifications, and detection use cases aligned to insider risk scenarios and regulatory drivers (CUI, DFARS, ITAR/EAR, PII, IP).

• Triage DLP alerts, reduce false positives, and continuously improve alert fidelity and analyst workflow.

• Support onboarding of new data sources, business units, and telemetry feeds into the DLP and user activity monitoring stack.

• Document standard operating procedures, runbooks, and configuration baselines for the DLP program.

Digital Activity Reviews

• Conduct digital activity reviews of user behavior, data movement, and endpoint activity in support of insider risk inquiries, HR referrals, Legal holds, and management-requested reviews.

• Correlate activity across DLP, EDR, SIEM, identity, email, and cloud audit logs to build clear, fact-based timelines.

• Produce concise written findings appropriate for HR, Legal, and security leadership audiences.

• Maintain defensible documentation, chain-of-custody, and evidence-handling practices throughout each review.

Data Spill & Compromise Response (CUI / DFARS 252.204-7012)

• Serve as a primary responder for data spills and suspected compromises involving CUI, export-controlled, proprietary, or other sensitive data.

• Execute containment, eradication, and sanitization actions in accordance with DFARS 252.204-7012, NIST SP 800-171, and Peraton internal incident response procedures.

• Coordinate notifications and reporting obligations (e.g., DoD Cyber Crime Center / DC3 reporting timelines, customer notifications) with Legal, Contracts, Program Security, and the CSOC.

• Maintain incident records, lessons-learned, and after-action reporting; recommend control improvements to prevent recurrence.

Collaboration & Continuous Improvement

• Partner with the CSOC, IT Operations, Privacy, Legal, HR, and Program Security on cross-functional investigations and response actions.

• Contribute to development of insider risk policies, standards, awareness content, and training.

• Support data analytics, automation, and scripting initiatives that improve investigative efficiency and metrics.

• Provide periodic reporting on DLP, digital activity review, and data spill metrics to IRDP leadership.

• Periodic on-call responsibilities in support of after-hours data spill and insider risk events.

• 8+ years of relevant experience with a Bachelor's degree in Cybersecurity, Information Systems, Intelligence, Criminal Justice, or related field
• 12+ years of relevant experience may be considered in lieu of degree.
• Minimum 5 years of combined experience across DLP administration, insider risk / user activity monitoring, digital forensics, or cybersecurity incident response.
• Minimum 3 years hands-on experience administering an enterprise DLP platform (e.g., Microsoft Purview, Symantec/Broadcom DLP, Forcepoint, Zscaler, Netskope, or equivalent), including policy authoring and tuning.
• Demonstrated experience conducting digital activity reviews or insider-risk investigations, including correlating data across endpoint, email, network, and cloud sources.
• Working knowledge of CUI handling requirements, DFARS 252.204-7012, and NIST SP 800-171.
• Basic proficiency with at least one scripting language (Python, PowerShell, KQL, SPL, or equivalent) for log analysis, automation, or data wrangling.
• Strong written and verbal communication skills, including the ability to translate technical findings into clear, audience-appropriate narratives for HR, Legal, and leadership.
• Strong attention to detail, sound judgment, discretion, and professional demeanor when handling sensitive matters.
• US Citizenship required.
• Ability to obtain a Top Secret security clearance.
• Ability to attend in-person meetings on occasion in Reston, VA.

Preferred Qualifications

• Experience supporting cybersecurity operations within a government contractor, DoD, or other regulated environment.
• Hands-on experience with EDR (e.g., CrowdStrike, Defender for Endpoint, SentinelOne) and SIEM (e.g., Splunk, Sentinel) for investigative workflows.
• Experience with insider risk platforms or UAM tools (e.g., Microsoft Purview Insider Risk Management, DTEX, Proofpoint ITM, Everfox/Forcepoint Insider Threat).
• Familiarity with digital forensics fundamentals (disk, memory, network, and cloud artifacts) and chain-of-custody practices.
• Experience reporting cyber incidents to DC3/DCISE or supporting customer cyber incident notifications.
• Relevant certifications such as GCFE, GCFA, GCIH, GCIA, CFE, CCFP, CISSP, CISM, or vendor-specific DLP/EDR certifications.

Key Success Traits

• Technically curious and operationally pragmatic — comfortable both tuning a policy and writing up an investigation.
• Strong judgment and discretion when handling sensitive personnel and data matters.
• Collaborative; works well across Cyber, Legal, HR, Privacy, and Program Security.
• Calm and methodical under time pressure, particularly during data spill response.
• Comfortable operating in ambiguous or evolving environments.

Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.

Application Statements: The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. By applying to this job, you are expressing interest in the role and the Company. During the review of your application, you may be required to participate in an on-camera interview, as well as participate in a process to verify your identity.