Insider Risk Management
| Company | Carrier Global |
|---|---|
| Location | Palm Beach Gardens, FL, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | Bachelor’s, Associate’s |
| Experience Level | Mid Level, Senior |
Requirements
- Associate’s degree and 5+ years in cybersecurity investigations and insider threat OR a Bachelor’s Degree and 3+ years in cybersecurity investigations, and insider threat.
Responsibilities
- Build and lead a global Insider Risk Program addressing threats across data protection, sabotage, fraud, and corporate espionage.
- Conduct and coordinate investigations of insider activity using technical telemetry, user behavior analysis, and DLP event data.
- Manage and evolve the enterprise DLP program to ensure coverage across key risk areas and alignment with business operations.
- Develop detection logic, response workflows, escalation procedures, and documentation standards to support defensible, repeatable investigations.
- Collaborate with digital forensics teams on complex cases requiring deeper technical examination.
- Ensure all insider risk activities align with global privacy, data protection, and employment regulations and frameworks.
- Create governance processes and policy controls that enable consistent insider risk management across diverse regulatory environments.
- Coordinate closely with Legal, Human Resources, Compliance, and other stakeholders to ensure all investigative practices are ethical, defensible, and compliant.
- Educate global stakeholders and provide communications on insider threat trends, prevention strategies, and program capabilities.
- Review enterprise telemetry to uncover behavioral anomalies, data misuse, evasion techniques, and other indicators of insider threat.
- Translate complex technical data into investigative insights and actionable recommendations.
- Refine detection use cases through behavioral modeling and retrospective analysis.
- Apply adversarial thinking and red-team mindset to proactively uncover hidden risk.
- Define success metrics, Key Performance Indicators, and reporting standards to measure program maturity, impact, and success.
- Drive automation and scalability to support growing volumes of telemetry and investigation workload.
- Evaluate tools, processes, and threat models continuously to stay ahead of evolving insider risks.
- Serve as a trusted advisor to executive stakeholders, aligning insider risk strategy with broader enterprise security goals.
Preferred Qualifications
- Background in digital forensics, behavioral analytics, law enforcement, or threat intelligence.
- Experience developing security programs within complex, globally distributed organizations.
- Demonstrated success navigating global compliance requirements and multi-jurisdictional challenges.
- Strong communication and stakeholder engagement skills with the ability to influence across functions.
- Proven ability to assess user behavior and digital activity for indications of risk or policy violations.
- Familiarity with insider threat and/or cybersecurity frameworks (e.g., NIST, CERT, MITRE, NITTF).
- Yellow Belt in Lean Six Sigma Karate
- Experience managing or tuning enterprise cybersecurity technologies.
- Fluent in multiple languages.