Job Summary
At NiSource, our Enterprise Security department engineers sophisticated defenses to protect the critical cyber and operational infrastructure that powers our business. The Sr Cybersecurity Engineer – Insider Threat serves as a senior technical leader responsible for designing, engineering, and operationalizing capabilities that detect, prevent, and respond to insider risk across enterprise IT, cloud, and operational environments.
This role focuses on the identification of malicious, negligent, and compromised-user behaviors through advanced monitoring, analytics, behavioral detection, and data protection controls. The Sr Cybersecurity Engineer partners closely with Security Operations, HR, Legal, Compliance, Privacy, and Data Governance to ensure insider risk capabilities are technically sound, legally defensible, and aligned to regulatory obligations (e.g., NIST CSF, NERC CIP where applicable).
The engineer builds and sustains technical controls across identity systems, endpoint telemetry, DLP platforms, UEBA solutions, cloud environments, and security data platforms. This role is responsible for translating insider threat risk into actionable detection logic, automation, and engineered safeguards that protect intellectual property, customer data, and critical infrastructure.
This position plays a strategic role in enabling trusted workforce operations while reducing organizational risk through measurable, defensible insider threat detection and mitigation capabilities.
Key Disciplines for Insider Threat Engineering
User & Entity Behavior Analytics (UEBA): Designing behavioral baselines and anomaly detection models leveraging SIEM, XDR, and data lake platforms.
Data Loss Prevention (DLP) & Data Protection Engineering: Engineering and tuning controls across endpoint, cloud, email, collaboration platforms, and SaaS applications.
Identity & Access Risk Engineering: Advanced IAM integrations, privileged access monitoring, identity anomaly detection, and federation risk analysis.
Security Data Engineering & Analytics: Integrating telemetry from endpoints, identity providers, SaaS platforms, badge systems, and HR systems into unified detection pipelines.
Insider Threat Detection Engineering: Developing high-fidelity use cases aligned to insider kill chains (data staging, privilege abuse, exfiltration, policy violations).
Cloud & SaaS Monitoring: Engineering monitoring for M365, Azure, collaboration platforms, and other enterprise SaaS environments.
Forensics & Investigative Support: Engineering audit retention, chain-of-custody readiness, and evidence collection capabilities.
Automation & Response Orchestration: Building automated workflows for investigation, containment, and escalation.
Regulatory & Privacy-Aware Monitoring: Designing monitoring solutions that balance workforce privacy considerations with enterprise risk reduction.
AI/ML-Driven Risk Modeling: Leveraging advanced analytics to enhance anomaly detection, insider risk scoring, and alert prioritization.
Essential Functions
Develop and fine-tune security monitoring tools.
Engineer solutions for incident detection and response.
Implement patches and remediations.
Engineer secure network and system architectures.
Implement IAM solutions.
Automate compliance monitoring and reporting.
Integrate threat intelligence into security tools.
Develop training materials and simulations.
Implement cloud security controls and measures.
Analyze pen-testing results and engineer defenses.
Enforce policy adherence through technical solutions.
Pilot new security solutions.
Required Qualifications For Position
Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field is preferred. However, equivalent professional experience, military service, relevant certifications, substantial industry tenure, or technical training may be considered as a substitute for formal education.
5+ years of experience in designing and implementing robust security solutions.
Experience with secure coding practices and Application Security.
Proficiency in Cybersecurity principles, IT infrastructure, and Application Security. High
Understanding of Network Security protocols, Cryptography, and secure network architectures. High
Familiarity with Cloud Security, including IaaS, PaaS, and SaaS models. High
Knowledge of Cybersecurity frameworks such as NIST CSF. Medium
Expertise in Penetration Testing and Ethical Hacking. Low
In-depth knowledge of developing secure network architectures and defense strategies. High
Expertise in secure software development lifecycle practices. Medium
Demonstrated leadership and team mentoring abilities. Medium
Preferred Additional Qualifications for Position
Advanced degrees or professional certifications such as CISSP, CISM, CEH, or equivalent.
Contributions to Cybersecurity research or thought leadership in industry forums.
Experience with AI and ML technologies in Cybersecurity.
Physical Demands
Standing - Occasionally
Walking - Occasionally
Sitting - Constantly
Lifting - Rarely
Carrying - Rarely
Pushing - Rarely
Pulling - Rarely
Climbing - Rarely
Balancing - Rarely
Stooping - Rarely
Kneeling - Rarely
Crouching - Rarely
Crawling - Rarely
Reaching - Rarely
Handling - Occasionally
Grasping - Occasionally
Feeling - Rarely
Talking - Constantly
Hearing - Constantly
Repetitive Motions - Frequently
Eye/Hand/Foot Coordination - Frequently
The preceding description is not designed to be a complete list of all duties and responsibilities required of the position.
As a public utility, NiSource is required to provide continuous service to customers at all times. To ensure we fulfill that obligation, employees may be required to work outside their normal work hours and perform tasks outside of their normal responsibilities in support of emergency operations.
Work Authorization
Authorized to work in the United States without requiring sponsorship.
Workplace Connection
Value inclusion within your day to day responsibilities by respecting others perspectives/convictions, engaging others opinions, creating a safe environment where people, ideas, and opinions are valued within your Team/Customers and external partners.
Respect the unique lived experiences within your Team/Customers and external work partners by valuing different world views, challenges, and cultures that represents all walks of life and all backgrounds.
Treat others with respect and consideration. Actively participate in creating and contributing to a positive work environment.
Equal Employment Opportunity
NiSource is committed to providing equal employment opportunities in each of its companies to all employees and applicants for employment without regard to race, color, religion, national origin or ancestry, veteran status, disability, gender, age, marital status, sexual orientation, gender identity, sex (including pregnancy, lactation, childbirth or related medical conditions), genetic information, citizenship status, or any protected group status as defined by law. Each employee is expected to abide by this principle.
By applying, you may be considered for other job opportunities.
ADA Accommodations
If you need a reasonable accommodation to participate in any part of the hiring process or to perform the essential functions of the position, please contact OneHR at OneHR@nisource.com or 1-888-640-3320
Safety Statement
Promote a safe work environment by actively participating in all aspects of our employee safety program. Report any unsafe conditions and take actions to prevent personal injuries. Support our interdependent safety culture by ensuring the safety of your co-workers. Stay focused on the task at hand and promote productivity through good work habits.
E-Verify
NiSource participates in the U.S. Department of Homeland Security’s E-Verify program. As part of this process, we provide the following notices to all job applicants: These documents inform you of your rights and responsibilities under U.S. law. You can view or download them using the links below:
Salary Range*:
$113,500.00 - $170,300.00*The salary offered to a candidate is based on several factors including but not limited to the candidate’s skills, job-related knowledge, and relevant experience, as well as internal pay equity.
Posting Start Date:
2026-03-19Posting End Date (if applicable):
2026-04-02