Insider Risk Subject Matter Expert / Program Manager III
Responsibilities
• Develop and implement Insider Risk Management (IRM) strategies as a SME and Program Manager. This involves creating policies, procedures, and frameworks to proactively address insider risk.
• Leverage Artificial Intelligence (AI), focused on designing, implementing, and managing programs that proactively identify, assess, and mitigate insider threats using AI-powered tools and techniques to analyze user activity and behavior.
• Build strong relationships across business lines and with technical partners to develop and implement AI-driven insider risk solutions and effectively communicate findings and risks to senior leadership.
• Initiate, supervise, and/or develop requirements from a project’s inception to conclusion for complex to extremely complex programs; and provide strategic and expert advice and technical guidance, to program and project staff.
• Conduct risk assessments, identifying critical assets, evaluating potential vulnerabilities, and prioritizing risks based on their potential impact and likelihood.
• Lead and coordinate cross-functional team operations, including analysts, engineers, and other team members, to ensure cohesive execution of the insider risk mission.
• Serve as the primary escalation point for complex or high-risk insider cases in the absence of other team leads, triaging events, and briefing leadership on threat posture, findings, and recommended actions.
• Oversee the development and refinement of insider threat detection frameworks, ensuring alignment with organizational risk tolerance, policies, and evolving threats.
• Provides detailed analysis, evaluation and recommendations for improvements, optimization development, and/or maintenance efforts for client-specific or mission critical challenges/issues; and consults with client to define needs or challenges.
• Represent the IRO team in meetings, working groups, and leadership briefings, translating operational findings into executive-level insights.
• Program Manager must be specific to the Insider Risk
Technical Skills
• Insider Risk expertise.
• Utilize AI-powered platforms like User and Entity Behavior Analytics (UEBA) to identify anomalous activities and patterns indicative of insider threats.
• Develop and optimize AI models to refine detection capabilities by leading the creation and tuning rules, alerts, and risk scoring models to enhance efficiency and accuracy.
• Proven leadership ability to direct multidisciplinary teams and coordinate investigative, analytical, and technical workflows under pressure.
• Knowledge of cyber telemetry and insider risk indicators, including behavioral analysis, digital forensics, UEBA, DLP, and SIEM.
• Excellent communication and executive briefing skills, with the ability to synthesize complex data into actionable insights for senior leadership.
• Familiarity with legal, ethical, and privacy considerations in insider monitoring and response, including how to manage cases involving personnel and protected data.
• Experience in developing operational playbooks, escalation protocols, and incident handling processes insider threat or equivalent environments.
• Ensure compliance and promote awareness for AI/ML. Develop and deliver training to educate employees about security policies and best practices
Preferred Qualifications
• A degree from an accredited College/University in the applicable field of services is required. If the individual’s degree is not in the applicable field then four additional years of related experience is required.
• 8+ years of experience with a strong understanding of cybersecurity fundamentals, network and endpoint security, and various security tools and technologies.
• Graduate certificates, specifically in Insider Risk Management and Mitigation to provide in-depth expertise in understanding, investigating, and managing insider threats.
• Knowledge of AI/ML concepts, algorithms, and applications in insider threat detection, including supervised and unsupervised learning, deep learning, and anomaly detection.
• Need a blend of technical and leadership expertise, analytical capabilities, and hard skills to navigate the complex world of AI-driven insider threat detection and prevention.
• Hands-on experience in insider threat analysis.
