Junior Cyber Security Analyst

O projekcie: At Bayer we’re visionaries, driven to solve the world’s toughest challenges and striving for a world where 'Health for all Hunger for none’ is no longer a dream, but a real possibility. We’re doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining ‘impossible’. There are so many reasons to join us. If you’re hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there’s only one choice. The Cyber Data Defense team at Bayer is seeking Junior Investigations Analyst to join our security team. This role is a cybersecurity professional supporting insider risk investigations operating under the Insider Risk Management Service. This role focuses on triaging, analyzing, and documenting insider risk-related indicators using established processes, tools, and playbooks. The analyst works closely with senior investigators, service owners, Legal, Data Privacy, Corporate Global Security, and other internal teams to support fact-based assessments of potential insider risk scenarios. This role operates under the guidance of experienced investigators, following defined procedures to analyze risk indicators, assess supporting evidence, and contribute to high‑quality, fact‑based investigative outcomes. Wymagania: - Bachelor’s degree in cybersecurity, information security, computer science, or a related field or equivalent practical/professional experience.- Exposure to monitoring or analysis tools such as SIEM platforms, DLP solutions, or endpoint security tooling – Microsoft Purview with Insider Risk Management (IRM) is preffered.- Familiarity with cybersecurity concepts such as logging, alerts, access controls, and data protection.- Ability to produce clear, factual, and well-structured documentation suitable for audit and governance review.- Demonstrated analytical thinking skills and attention to detail, with the ability to assess information, identify patterns or inconsistencies, and draw fact‑based conclusions.- Strong written and verbal communication skills, with the ability to clearly explain technical information and investigative findings to both technical and non‑technical audiences.- Ability to work effectively as part of a team, managing tasks and priorities in a collaborative and fast‑paced environment.- Sound professional judgment and ethical mindset when handling sensitive or confidential information. Preferred Qualifications: - Knowledge of cybersecurity or risk frameworks (e.g., NIST, ISO 27001)- Relevant security certifications or coursework- Experience working in regulated or privacy-sensitive environments- Experience working within an insider risk function Codzienne zadania: - Perform initial triage and analysis of insider risk-related alerts, cases, or referrals in accordance with approved procedures and playbooks. - Collect, preserve, and review relevant technical evidence (e.g., logs, alerts, system artifacts). - Apply established investigative techniques to identify risk indicators, patterns, or anomalies related to potential data misuse or policy violations. - Clearly document investigative findings in case management systems using standardized, audit-ready language. - Collaborate with senior investigators, service owners, and Cyber Defense teams to support ongoing investigations and follow-ups. - Support coordination with Legal, Data Privacy, Corporate Global Security, and other governance stakeholders by contributing accurate and timely technical inputs - Follow security, privacy, and evidence-handling standards to ensure defensible and compliant investigation support. - Contribute to continuous improvement by identifying gaps and improvement opportunities in investigation playbooks and workflows. - Build foundational competency in insider risk concepts, investigation methodologies, and relevant cyber defense tools. - Stay informed on basic cybersecurity threats, data protection risks, and insider risk use cases relevant to the service.