Director, Insider Threat

• Lead the insider threat program, including the development of standards, procedures, and processes to detect, prevent, and respond to insider threats
• Drive continuous improvement by integrating lessons learned, industry best practices, and emerging threat intelligence
• Utilize advanced detection tools, behavioral analytics, and security monitoring systems
• Collaborate with stakeholders across the firm to evaluate and address potential insider risks across systems, networks, and organizational processes
• Lead and manage investigations of suspected insider threat incidents, ensuring that investigations are thorough, timely, and conducted in accordance with legal and regulatory requirements
• Produce reports on insider threat risks, incidents, and mitigation efforts for executives to aid in their decision making
• Work with the intelligence team to develop threat modeling deliverables

Qualifications:

• 6-10 years of progressive experience in information security (cyber security) field, preferable in Security Operations, Incident Response, or Threat Intelligence roles
• 5 years of experience in Insider Threat
• Experience with insider threat detection tools (UEBA, DLP, SIEM) and knowledge of advanced threat intelligence techniques
• Knowledge of fundamentals of threat actors' TTPs and MITRE Telecommunication & CK Framework
• Understanding of security frameworks, incident response, and risk management practice
• Knowledge of relevant legal and regulatory considerations, including privacy laws an data protection requirements
• Excellent interpersonal and relationship management skills
• Bachelor's Degree in Cybersecurity studies, Computer Science, Intelligence Studies, International Relations, or related discipline
• Security certification such as CERT Insider Threat Program Manager (ITPM) Certificate (or equivalent) ideally or working towards certification (or equivalent)
• Experience with threat intelligence and SOC/CIRT interaction
• Splunk experience is highly preferred
• Expertise in managing complex investigations, coordinating with multiple departments, and resolving security incidents efficiently
• Strong written and verbal communication skills
• Ability to work on-site at least twice a week in New York and/or participate in local intelligence sharing groups
• Financial sector experience preferred