Director, Cyber Defense & Response - Insider Risk

About The Position

Requirements

• Bachelor’s degree in Information Security, Computer Science, Cybersecurity, Psychology, Criminal Justice, or a related field preferred.
• 8+ years of experience in cybersecurity, insider risk, threat management, digital investigations, or incident response, with at least 3 years focused on insider risk or internal threat detection.
• Demonstrated experience leading teams and managing enterprise or global programs.
• Strong understanding of insider risk frameworks and multidisciplinary program models.
• Experience working in cross-functional environments with Human Resources, Legal, Privacy, Compliance, and Risk Management.
• Strong knowledge of insider risk detection methods, behavioral indicators, and investigative techniques used to identify and assess internal threats.
• Hands-on experience with security monitoring and analytics technologies such as SIEM, User and Entity Behavior Analytics (UEBA/UBA), Data Loss Prevention (DLP), and Endpoint Detection and Response (EDR) platforms.
• Familiarity with regulatory requirements and industry security frameworks (e.g., NIST, ISO 27001, Cybersecurity Framework) and their application to insider risk monitoring and investigations.
• Excellent communication and stakeholder engagement skills, with the ability to translate complex technical and behavioral risk insights for senior leadership.
• Demonstrated ability to handle sensitive insider-related investigations and confidential information with discretion and sound judgment.
• Strong analytical and critical thinking skills, with the ability to evaluate complex behavioral and technical indicators to assess insider risk scenarios.
• Business acumen and the ability to make risk-based decisions that balance security, legal, privacy, and operational considerations.
• Commitment to continuous learning and professional development to remain current with evolving cyber security threats, investigative practices, and technologies.

Nice To Haves

• GIAC Certified Forensic Analyst (GCFA)
• GIAC Cloud Forensics Responder (GCFR)
• Certified Insider Threat Program Manager (CITPM)
• AWS Security Specialty

Responsibilities

• Lead the global Insider Risk Program, establishing and continuously evolving operating procedures aligned with enterprise practices and standards.
• Build, mentor, and manage a team of insider risk analysts responsible for monitoring, investigations, and case management.
• Establish investigative standards, playbooks, and procedures to ensure insider risk events are handled consistently, lawfully, and with appropriate confidentiality.
• Coordinate insider risk activities across Security, HR, Legal, Privacy, Compliance, and Enterprise Risk Management to ensure cross-functional case handling.
• Oversee insider risk detection capabilities, including behavioral analytics, endpoint monitoring, and relevant security telemetry.
• Partner with technology teams to evaluate, implement, and optimize insider risk detection tools and analytics platforms.
• Lead the triage, investigation, and response to insider risk incidents, ensuring proper evidence handling and documentation.
• Conduct insider risk assessments and analyze behavioral indicators to identify potential internal threats and organizational control gaps.
• Partner with Security Awareness to develop targeted education and prevention initiatives that reduce insider risk exposure.
• Provide regular reporting and briefings to executive leadership on insider risk trends, investigations, and program effectiveness.
• Monitor emerging insider threat trends, technologies, and research to continuously enhance the insider risk program.
• Drive continuous improvement of detection, investigation, and prevention capabilities in alignment with leading practices.
• Operate effectively in ambiguous and complex situations, independently assessing risk, making timely decisions, and applying a flexible, solutions-oriented approach to resolve insider risk challenges.
• Continuously develop professional expertise by completing relevant training and pursuing industry-recognized certifications to stay current with evolving insider risk, cybersecurity, and investigative practices.

Benefits

• Market competitive base salaries, with a yearly bonus potential at every level
• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave
• 401(k) plan with company match (up to 4%).
• Company-funded pension plan.
• Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs.
• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.
• Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.
• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.
• Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance.