Enterprise Insider Threat Investigations Manager

About The Position

Requirements

• Bachelor’s degree or an equivalent combination of education and related training preferably in criminal justice, regulatory affairs, insider threat/internal investigations, organizational or compliance law, or financial services.
• Ten years related experience at a large financial institution or related industry leading insider threat/internal investigations, compliance, information security, incident response and/or risk management.
• Strong knowledge of insider threat and cybersecurity risks, frameworks, best practices and industry/regulatory requirements.
• Demonstrated knowledge in evidence gathering, investigation, and documentation.
• Demonstrated leadership experience with critical thinking, time management skills and ability to effectively communicate with all levels of leadership.
• Industry certification in Interview & Interrogations techniques (Ex. The Reid Technique, Basic Law Enforcement Interview & Interrogations, etc.) or other relative credentials
• Ability to lead projects of moderate complexity and notable risk exposure.

Responsibilities

• Serve as primary support and delegate to the EIT Senior Manager. Contributing responsibilities include, but are not limited to, general supervision of EIT personnel; preparing and/or delivering insider threat presentations; assist program manager with development of insider threat key risk indicators (KRI) and key performance indicators (KPI), insider threat training, and related insider threat initiatives/projects.
• Provide strategic investigation direction, subject matter expertise and leadership, including the development and implementation of best-in-class solutions to designated business units to ensure compliance with the Bank’s Enterprise Insider Threat.
• Manage a team of dedicated investigators responsible for executing upon the relevant components of the Enterprise Insider Threat. Sets the team's direction and communicates individual and team priorities. Manages deliverables for the team against expected results. Makes judgments about priorities and the team's approach to work based on an understanding of how the team contributes to the achievement of broader objectives.
• Contributes to the development of cyber governance strategies and manages all aspects of internal and external audits. Respond to audit findings, develop, and document remediation plans.
• Advise lines of business and/or functional areas of their insider risk management responsibilities as it relates to Enterprise Insider Risk Program policy and ensure operating procedures are appropriately defined and implemented.
• Liaise effectively with business units and collaborators to provide details of the Enterprise Insider Threat and EIT investigations.
• Maintain a comprehensive understanding of the bank's entities, assets, personnel, geographic locations, and potential insider threat risks associated with those assets/personnel.
• Comprehend business details, risk of operations/processes and technology, risk culture, accountability, and organizational nuances.
• Analyze information to determine, recommend, and plan the use of new information security technologies, or modifications to existing systems that will provide capability for proposed project or work load, efficient operation and effective use of allotted resources.
• Make leadership decisions within established policies, procedures, and established objectives. Leads complex and visible projects with moderate to high risk and complexity.

Benefits

• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.