Insider Threat & Cyber Investigations Specialist

See more jobs from AirBNB

4 months old

Apply Now

Airbnb was born in 2007 when two Hosts welcomed three guests to their San Francisco home, and has since grown to over 4 million Hosts who have welcomed more than 1 billion guest arrivals in almost every country across the globe. Every day, Hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way.

The mission of the Airbnb Global Safety & Security (GSS) team is to ensure the safety and security of our Airfam as well as provide peace of mind for Airbnb’s global community through proactive security risk management.  You will work with seasoned professionals who have extensive experience developing, implementing and leading world class security programs, to include Global Security Operations, Global Security Intelligence Center, Law Enforcement Operations, Risk Intelligence, Trust & Safety Advisory Coalition, Executive Protection, Global Travel Risk Management, Global Special Events, and Global Threat Assessment Program. 

The Difference You Will Make

The Insider Threat & Cyber Investigations Specialist reports directly to the Insider Threat Prevention & Investigations Program Manager, and will be responsible for identifying and investigating potential threats against Airbnb and its workforce from internal and external actors, and operationalising strategies to mitigate those threats to protect Airbnb’s workforce, assets and reputation.   

As an Insider Threat Prevention Investigator, you will have experience in:

  • Cybersecurity Principles: A solid understanding of platforms such as Windows, Mac OS, and Google OS. While not required to be a security engineer, you must be proficient in assessing event logs, authentication logs, and other security data.
  • Leading Investigations: Managing investigations from initiation to completion.
  • Interviewing: Conducting interviews with victims, witnesses, and suspects.
  • Stakeholder Engagement: Facilitating meetings with key stakeholders, including InfoSec, HR, Employee Relations, Legal, and Engineering.
  • Case Management: Handling cases end-to-end, ensuring thorough documentation and effective follow-through.

A typical day

  • Assess and investigate complex insider risk incidents and digital behaviours of concern, providing a thorough and mature investigative process from start to end.
  • Demonstrate an expert level of business acumen and employment legal considerations throughout your investigations due to complex 3rd party incidents
  • Develop and coordinate investigative plans using open source intelligence and technical tools to gather  and analyse evidence. 
  • Lead incident management coordination as an incident commander.
  • Conduct sensitive interviews of victims, witnesses and persons of interest during investigations, both virtually and in person.
  • Document investigative results in an articulate manner utilising case management software to ensure accurate reporting, tracking and documentation of workplace violence incidents and behaviors of concern through the entire lifecycle of the incident. 
  • Participant and partner with stakeholders to identify new opportunities and solutions that will aid in the mitigation of insider risks.
  • Conduct comprehensive after action reviews to identify and implement best practices and lessons learned. 
  • Develop and maintain relationships with multi-disciplinary teams comprised of Talent, Employee Relations, Legal, Cybersecurity and Technology, business leaders and external partners.
  • Develop and refine associated policies, procedures and other documentation that are in accordance with data privacy and legal requirements and expectations.
  • Provide program analytics and case management to enable the detection, identification, and assessment of concerning behaviours and develop strategies to mitigate risks identified.
  • Communicate complex insider risk threat issues in a way that is understandable to cross functional partners who may have limited experience in the field.

Your expertise

  • 8+ years of hands-on insider threat investigations experience in law enforcement, counterintelligence, or private sector industry equivalent. 
  • 4+ years in the domain of cybersecurity with specific experience in Insider risk remediation; coordinating projects and initiatives to close identified vulnerabilities with organisational leads and owners. 
  • Experience interviewing insider risk actors, witnesses and impacted individuals.
  • High competency with industry standards of workplace investigations, employment legal considerations, and practices related to the confidentiality and integrity of information.
  • Experience in insider threat incident triage, coordinating cross-functional response,  and performing investigations across both digital and human domains. 

Our Commitment To Inclusion & Belonging:

Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply.