Overview Surveillance Investigator - Full Time Columbia, SC Area CoventBridge Group is growing—and we’re looking for experienced investigators to join our elite surveillance team. In this role, you’ll conduct discreet, vehicle-based field investigations to help uncover insurance fraud and deliver trusted results to our clients. As a leader in the fraud investigation industry, CoventBridge offers the opportunity to work remotely with flexible scheduling, advanced tools, and the support of a nationwide team. Responsibilities/ Requirements Key Responsibilities: - Case Prep: Use social media and database tools to conduct initial research and gather intel on subjects. - Surveillance in the Field: Carry out discreet, mobile and stationary surveillance—track movements and capture high-quality video evidence. - Reporting: Write thorough, court-ready reports that clearly document key activities and findings. - Evidence Submission: Wrap up each day by uploading reports and video footage from your personal laptop. - Team Collaboration: Stay connected with your field supervisor for ongoing support, guidance, and mentorship. Essentials for this Role: - PI License: Must currently hold—or be eligible to obtain—Private Investigator licenses in South Carolina. - Driver's License: Active driver's license that is not currently suspended or revoked. - Personal Vehicle: A well-maintained vehicle that is always reliable (preferably with tinted windows). Proof of auto insurance coverage is required. - Travel Expectations: While we aim to keep assignments within a reasonable drive of your residence, occasional further travel and overnight stays (covered by the company) may be required. - Technology: A reliable laptop, cell phone, and internet service are needed for communication and administrative tasks. - Required Skills: Strong computer & internet proficiency. Excellent communication, verbal & writing skills. Possess or is willing to purchase covert camera, digital video camera with uploading capabilities, and laptop computer with Windows Operating System with access to Microsoft Word Additional Responsibilities: Duties and responsibilities include essential functions of positions assigned to this classification. Depending on assignment, the employee may perform a combination of some or all the following duties: - Conduct Fixed and Mobile Video Surveillance: Capture high-quality video footage of subjects to assist in case investigations. - Gather Evidence: Obtain videotaped documentation, photos, and audio recordings as part of thorough surveillance. - Background and Activity Checks: Perform courthouse research, background checks, and monitor subject activities to build robust case reports. - Investigative Reporting: Draft clear, concise, and detailed investigative reports summarizing findings and evidence. - Evidence Management: Upload all video, photographic, and audio evidence into the case management system in a timely and organized manner. - Drive Safely and Responsibly: Remain alert and practice safe driving while traveling to and from investigation sites. Working Conditions: - Most surveillance cases start at 6:00AM. End time can vary depending on activity. - Weekends/holidays are common workdays as claimants are more likely to be active. - This is an independent role often requiring long hours alone in your vehicle, regardless of weather conditions. - Must remain alert with no external distractions, ready to use videography equipment to document subjects. Benefits Compensation & Perks That Work For You: We believe great work deserves great rewards. Here’s what you can expect when you join our team: Competitive Pay On-the-Road Support: - Monthly vehicle allowance - Company fuel card - Company-issued cell phone - Monthly internet stipend - Travel & report writing compensation - Fast, hassle-free expense reimbursements (minimal out-of-pocket costs) Full Coverage Benefits: - Medical, dental, and vision insurance - Employer-paid life insurance, short-term & long-term disability Future-Focused Perks: - Company-matching 401(k) to help you build for the future - Paid time off to recharge and reset - Company-paid investigator licensing fees Career Growth: - Ongoing paid training and advancement opportunities to help you grow your skills and your career About Us: CoventBridge Group is the global leader in full-service investigations providing: Surveillance, SIU and Compliance, Claims Investigation, Counter-Fraud Programs, Desktop Investigations, Social Media, Record Retrieval, Canvasses and Vendor Management programs. The company provides top tier data privacy and security practices, deploys robust case management technology customized to clients’ needs and delivers worldwide coverage via its 1000 employees and affiliates worldwide. CoventBridge Group is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, caste, disability, veteran status, and other legally protected characteristics and maintains a drug-free workplace. CoventBridge Group is committed to the full inclusion of all qualified individuals. As part of this commitment, CoventBridge will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact: Human Resources; 888-932-7364; humanresources@coventbridge.com. At this time, CoventBridge is not considering candidates who require visa sponsorship, currently or in the future, including but not limited to H-1B, H-2B, E-3, TN, O-1, F-1 (OPT/CPT, or J-1 Visa Statuses.) CoventBridge (USA) Inc. South Carolina License # 2845

• Perform advanced investigations of complex alerts, correlating logs from multiple sources such as endpoints, firewalls, network devices, and cloud environments. • Manage the incident response lifecycle, from technical containment to recommending eradication measures. • Execute threat hunting activities, proactively searching for threats that did not trigger automated alerts. • Administer and configure next-generation firewalls (NGFW), including access control lists (ACLs), IPS/IDS policies, content filtering, and SSL inspection. • Manage endpoint protection platforms (EDR/XDR), including alert analysis, creation of exclusion policies, and performing remote scans. • Analyze security logs and events in SIEM tools, creating queries and dashboards to identify attack patterns. • Provide technical support to the Level 1 team, refining playbooks and correlation rules to reduce false positives. • Document incidents, investigations, evidence, and post-incident technical reports (post-mortems).

• Perform active monitoring of security events using SIEM platforms (such as Wazuh, Splunk, Microsoft Sentinel, or QRadar) and endpoint protection tools (EDR/XDR). • Analyze and triage alerts generated by security tools, identifying potential incidents and reducing false positives. • Execute initial containment actions according to defined security playbooks (e.g., host isolation or credential resets). • Log and document incidents and activities in ITSM ticketing systems, ensuring traceability and organized information. • Perform structured escalation of more complex incidents to N2 or N3 teams, ensuring the full investigation context is handed over. • Track operational detection and incident response metrics and indicators.

• Manage and operate the AlgoSec platform, including its main modules such as AFA (AlgoSec Firewall Analyzer), FireFlow, AppViz and CloudFlow. • Use AlgoSec for analysis and optimization of security policies, ensuring visibility and governance over rules and communication flows between applications. • Use features like AppViz to analyze connectivity between applications and map communication dependencies between systems and networks. • Support connectivity and security policy analysis in hybrid and cloud environments, utilizing features like CloudFlow. • Identify redundant, obsolete, or overly permissive rules and propose improvements to security policies. • Perform advanced troubleshooting related to network flows, inter-application communication, and protocol behavior across different network layers. • Build and maintain dashboards and data visualizations in Kibana to support monitoring, analysis, and event investigation activities. • Develop scripts and automations (Python, Bash, or similar) to support operational activities and security data analysis. • Document procedures, configurations, and infrastructure changes to ensure operational continuity.