Security Engineer - Insider Threat Detection

Location Details: India, Remote

At GoDaddy the future of work looks different for each team. Some teams work in the office full-time; others have a hybrid arrangement (they work remotely some days and in the office some days) and some work entirely remotely.​

This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or meetings.

Join Our Team...

GoDaddy is looking for an Insider Threat Security Engineer to join our growing security team. This role focuses on technical investigation, behavioral detection development, and proactive monitoring to identify and mitigate insider risk across the enterprise. You will be part of a dynamic and collaborative environment where innovation and continuous learning are encouraged. You will have the opportunity to work alongside highly skilled professionals across Security Operations, Legal, HR, and Privacy teams — engaging in knowledge sharing that will further enhance your professional growth and development.

Your expertise in security investigations and behavioral analytics will enable us to protect our organization's most sensitive assets and ensure the integrity of our information systems!

What you'll get to do...

• Develop and refine insider threat detections using log analytics and behavioral data to build a flawless security environment

• Monitor for data exfiltration, privilege misuse, policy violations, and unusual user behavior to keep our systems highly secure

• Use SIEM (Splunk preferred), endpoint telemetry (SentinelOne preferred), and data governance platforms (Microsoft Purview preferred) to detect suspicious activity

• Build detection logic for USB transfers, cloud uploads, mass file access, and identity misuse scenarios

• Support the development of risk scoring models and behavioral analytics refinements

• Conduct structured insider threat investigations using endpoint, identity, cloud, and collaboration platform telemetry

• Correlate evidence across multiple data sources to establish timelines and assess risk

• Produce investigation summaries suitable for Legal, HR, and executive collaborators

• Support chain-of-custody documentation and evidence preservation guidelines

• Advance high-risk findings in accordance with detailed procedures

• Partner with SOC, Detection Engineering, CTI, HR, Legal, and Privacy teams during active security incidents

• Assist in identifying control gaps and recommending improvements to monitoring capabilities

• Contribute to development and refinement of insider threat playbooks and SOPs

• Support monitoring of sensitive data activity using Microsoft Purview and related tooling

• Assist in tuning DLP policies and reviewing alert efficiency

Your experience should include...

• 2+ years of direct and detailed experience in information security investigations, incident response, SOC operations, or related cybersecurity roles

• Experience working with SIEM platforms (Splunk preferred)

• Experience interpreting endpoint telemetry (SentinelOne preferred or a comparable EDR)

• Experience working with data governance or data loss prevention tools (Microsoft Purview preferred)

• Strong understanding of Windows, macOS, and enterprise authentication systems

• Experience examining data exfiltration, privilege misuse, or account compromise

• Ability to write and tune log queries for investigation and detection use cases

• Strong analytical and documentation skills

You might also have...

• Experience building behavioral detections or supporting UEBA use cases

• Familiarity with identity lifecycle monitoring and access control auditing

• Experience working in highly regulated or enterprise environments

• Exposure to insider threat program development or risk scoring methodologies

• Industry certifications (GCTI, GCIA, Security+, etc.)

• Ability to manage sensitive investigations with discretion and integrity

• Strong written and verbal communication skills

• Capacity to operate autonomously in a remote setting

• Strong prioritization skills in fast-paced situations

• Collaborative approach and ability to work across technical and non-technical teams

We've got your back...  We offer a range of total rewards that may include paid time off, retirement savings (e.g., 401k, pension schemes), bonus/incentive eligibility, equity grants, participation in our employee stock purchase plan, competitive health benefits, and other family-friendly benefits including parental leave. GoDaddy’s benefits vary based on individual role and location and can be reviewed in more detail during the interview process.

We also embrace our diverse culture and offer a range of Employee Resource Groups (Culture). Have a side hustle? No problem. We love entrepreneurs! Most importantly, come as you are and make your own way.

About us... GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us.

At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that’s not enough to build true equity and belonging in our communities. That’s why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day—focusing not only on our employee experience, but also our customer experience and operations. It’s the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page.

GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy.

Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to [email protected].

GoDaddy doesn’t accept unsolicited resumes from recruiters or employment agencies.