Insider Risk Lead

About The Position

Requirements

• 7+ years of experience in cybersecurity, insider threat, digital forensics, SOC operations, or similar roles.
• Proven experience developing or managing insider risk or behavioral analytics programs.
• Strong understanding of data protection, access management, monitoring tools, and investigative methodologies.
• Superior communication and judgment, especially in sensitive or confidential situations.
• Bachelor's degree in cybersecurity, information technology, risk management, or related field (or equivalent experience).

Nice To Haves

• Experience in decentralized or federated enterprise environments (preferred)
• Relevant certifications (e.g., CISSP, CISM, CEH, GIAC certified tracks) (preferred)
• Experience with UBA, SIEM, DLP, endpoint detection, or cloud analytics platforms (preferred)
• Experience working with HR, legal, or compliance leadership on risk matters (preferred)

Responsibilities

• Program Strategy & Development Lead the design, governance, and maturity roadmap of the Insider Risk Program.
• Develop policies, standards, and procedures aligned to enterprise cybersecurity objectives and regulatory expectations.
• Establish operational models for monitoring, escalation, and executive reporting.
• Threat Detection & Investigation Oversee behavioral and technical monitoring tools (e.g., UBA, DLP, and privileged activity analytics).
• Conduct and/or coordinate insider risk investigations, ensuring accuracy, discretion, and appropriate documentation.
• Partner with Cybersecurity Operations to triage and interpret insider related alerts.
• Enterprise Collaboration Serve as the primary liaison to Legal, HR, Compliance, Technology, and business units for insider risk processes.
• Facilitate communication and training to promote a culture of awareness and shared accountability.
• Work within Brown & Brown’s decentralized structure to ensure alignment, transparency, and consistent practices.
• Risk Reporting & Governance Develop and deliver dashboards, reports, and insights for cybersecurity leadership and executive stakeholders.
• Integrate insider risk into formal risk assessments and enterprise governance processes.
• Ensure adherence to compliance standards, audit requirements, and enterprise documentation practices.
• Other duties as assigned.

Benefits

• Health Benefits: Medical/Rx, Dental, Vision, Life Insurance, Disability Insurance
• Financial Benefits: ESPP; 401k; Student Loan Assistance; Tuition Reimbursement
• Mental Health & Wellness: Free Mental Health & Enhanced Advocacy Services
• Beyond Benefits: Paid Time Off, Holidays, Preferred Partner Discounts and more.