EXPECTATIONS AND TASKS
- Coordinate development and execution of the Insider Threat Program across key stakeholders including Cyber Security (Defense and IR), Human Resources, Legal, Security Risk & Compliance
- Leverage corporate and industry frameworks to structure Insider the insider risk framework and program
- Develop a strategy to govern Insider Threats across the company working closely with the Intelligence, Threat, and Crisis Management, Cyber Threat Intelligence, Corporate Security Investigations, and various domain owners.
- Assess processes, controls, technologies, metrics, and reporting used for Insider Risk.
- Engage with various security and control teams understand the control environment, both procedural and technical
- Partner closely with programs on Insider Risk, Strategic Threats, Workplace Violence, and key stakeholders
- Collaborate on the build and implementation of processes and technologies to detect high-risk insider activities that are accidental or malicious in nature
- Develops mechanisms to monitor and test the effectiveness of insider risk solutions and associated analytical models
- Work to identify and implement opportunities for continuous program improvement.
- Liaison with external industry resources (e.g., law enforcement, government, emergency responders, industry peers & associations, etc.)
REQUIRED EDUCATION AND QUALIFICATIONS / SKILLS AND COMPETENCIES
- BS/BA Degree preferred
- 10+ years’ proven experience in program management and development of an Insider Threat/Risk Program
- Extensive knowledge of governance and risk management frameworks
- Demonstrated technical acumen and extensive experience in and knowledge of cybersecurity architecture, controls, and operations.
- Skills Required: Requires seven (7) years of experience in the following: Security Architecture; Financial Services; Security Operations; Security Monitoring; Security Incident Response; Cyber Forensics; Vulnerability Management; Desktop and Server Security; Network Security; Perimeter Security; Data Security; Cloud and Third-Party Security; and working with regulators.
- 10+ years’ proven experience in risk and security fields - e.g., cyber security, physical security, human threat detection, insider threat, behavior analytics, counterintelligence
- Knowledge of compliance, conduct, and operational risk management frameworks and processes; ability to anticipate and identify risks and effective mitigants
ADDITIONAL INFORMATION
- This position requires travel globally
- This position requires positive partnership skills, effective communications, and positive human relations in business capabilities
- This position must be able to perform the full range of strategic business planning objectives, procedure and business analytics capabilities
- Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results
- The selected candidate must maintain all applicable licenses and certifications as required
We win with inclusion
PhiladelphiaJob Segment:Cyber Security, Testing, Compliance, ERP, Cloud, Security, Technology, Legal