Senior Trust and Safety Investigator, Nation-State Threats

LinkedIn is the world’s largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We’re also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that’s built on trust, care, inclusion, and fun – where everyone can succeed.

Join us to transform the way the world works.

At LinkedIn, our approach to flexible work is centered on trust and optimized for culture, connection, clarity, and the evolving needs of our business. The work location of this role is hybrid, meaning it will be performed both from home and from a LinkedIn office on select days, as determined by the business needs of the team.

This role can be hybrid in LinkedIn’s Sunnyvale, New York City, Washington DC, or Omaha office locations.

This role is for a Senior Trust and Safety Investigator supporting the investigation and disruption of state-sponsored threats through sophisticated data exploitation and manipulation, innovating and building complex detection logic, and piloting innovative use of artificial intelligence in our workflows. This role will work collaboratively across the team, gain familiarity with varied and dynamic threat actor accounts, and advance our disruption efforts to achieve measurable gains against high harm abuse of the platform. 

Our Trust Investigators play a key role in protecting LinkedIn’s members and our platform from outside threats; we are looking for a self-starter who takes ownership over their work and enjoys being part of a fast-paced, collaborative team that values results.

Responsibilities: 

• Investigate potential abuse of the platform by state-sponsored threat actors.

• Lead the team’s development of scalable and automated detection workflows that can keep pace with evolving threat actor signals and behaviors.

• Analyze large and complex datasets to identify emerging threat patterns and adversary behaviors. 

• Investigate artifacts of abuse (e.g., indicators of compromise, malicious infrastructure, behavior patterns) to inform detection strategies across all threat actor portfolios.

• Operationalize new detection methods or analytic findings through threat intel delivery, and collaboration across Trust Investigations and with XFN

• Collaborate with fellow investigators, and partners in Engineering and Product to ensure that our threat actor detection and measurement capabilities are aligned with Trust goals.

• Help foster relationships with external partners who help strengthen our insights into threat actors.

• Contribute to threat hunting and incident response, as appropriate.

Basic Qualifications:

• BA/BS Degree in Cybersecurity, Computer Science, Information Technology, or related technical discipline, or equivalent practical experience.

• 3+ years of professional experience conducting investigations relating to state-sponsored threats or platform abuse

• Experience managing complex, technical investigations

• Experience translating threat actor insights into behavior detection logic using Python

• Experience writing SQL queries

• Experience analyzing threat actor signals and behaviors and deriving relevant insights for cross-functional partners.

Preferred Qualifications:

• Master’s or PhD in Cybersecurity, Computer Science, Information Technology, or related technical discipline

• 5+ years of professional experience conducting investigations relating to state-sponsored threats or platform abuse within a trust and safety, social media, or online platform.

• Experience in Python for data manipulation, automation, and scripting 

• Experience using Pandas and Jupyter for data analysis

• Experience creating or using AI agents in investigative workflows

• Experience applying statistical methods to identify patterns, anomalies, and trends 

• Experience building YARA rules

• Experience using Tableau, PowerBI or similar tools for data visualization.

Suggested Skills:

• Trust Investigations

• State-sponsored threat investigations

• Platform Abuse Prevention

You will Benefit from our Culture

We strongly believe in the well-being of our employees and their families. That is why we offer generous health and wellness programs and time away for employees of all levels. LinkedIn is committed to fair and equitable compensation practices. The pay range for this role is $133,000 - $216,000. Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, certifications and specific office location. This may differ in other locations due to cost of labor considerations. The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For additional information, visit: https://careers.linkedin.com/benefits

Equal Opportunity Statement 

We seek candidates with a wide range of perspectives and backgrounds and we are proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.

LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.

If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at [email protected] and describe the specific accommodation requested for a disability-related limitation.

Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to:

• Documents in alternate formats or read aloud to you
• Having interviews in an accessible location
• Being accompanied by a service dog
• Having a sign language interpreter present for the interview

A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response.

LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information.

San Francisco Fair Chance Ordinance ​

Pursuant to the San Francisco Fair Chance Ordinance, LinkedIn will consider for employment qualified applicants with arrest and conviction records.

Pay Transparency Policy Statement ​

As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: https://lnkd.in/paytransparency.

Global Data Privacy Notice for Job Candidates ​

Please follow this link to access the document that provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: https://legal.linkedin.com/candidate-portal.