Cybersecurity Insider Threat Manager

Job Description

Overview Position Cybersecurity Insider Risk Manager Job Code Reports to CISO Operations Director Direct Reports Division/Section CISO Partnership & Engagement Department Cybersecurity Department Sector Corporate GRC Job Family Cybersecurity Culture and Engagement Role Purpose The Insider Risk Program Manager at NEOM will be responsible for a comprehensive approach to identifying, mitigating, and responding to risks posed by individuals with authorized access to systems. This role demands a highly skilled practitioner to identify and respond to high-risk activities and anomalous behaviors, including intellectual property theft, espionage, fraud, sabotage, and unauthorized data disclosure.Responsibilities KEY ACCOUNTABILITIES & ACTIVITIES Program Management

• Functional leadership in utilizing analytical methods to identify insider risk patterns and develop forecasting models.
• Developing and maintaining comprehensive insider risk management techniques, procedures, tactics, and mitigation of risks such as data exfiltration, internal fraud, privilege escalations, and sabotage.
• Gaining an understanding of diverse systems and developing plans and analytics to obtain necessary triggers.
• Managing the programs daily operations and coordinating enterprise-wide efforts, collaborating with Cyber Security, Human Resources, Legal, Physical Security, and other departments.
• Developing and refining playbooks on insider detection processes.

Operational

• Conducting in-depth data analysis from various data sources, assembling, correlating, evaluating, and assessing information related to insider threats.
• Identifying existing and emerging insider risks, developing identification capabilities, and strategizing for investigation and mitigation.
• Utilizing threat intelligence for proactive discovery of suspicious activities and future incident prevention.
• Evaluating technical products for insider threat programs, defining specific architectures, and understanding technology implementation to build and enhance the program over time.
• Investigating or reporting on possible insider risks, either independently or in partnership with stakeholders.

Communication and Reporting

• Drafting and presenting detailed investigative reports and summaries.
• Developing and operationalizing program performance metrics and reporting mechanisms in research, hunting, and investigations.
• Monitoring, triaging, and escalating findings from detection capabilities.
• Communicating findings to stakeholders and coordinating with team members for continuous program improvement.

Program Enhancement

• Evaluating and recommending improvements to both technical and non-technical solutions for detecting and responding to potential insider threats.
• Maturing insider risk program capabilities in alignment with strategic cybersecurity operations objectives.
• Conducting evaluations of existing insider threat program elements and developing new ones, including governance and stakeholder engagement mechanisms.
• Assisting in developing business cases, resource planning, and budget justifications for insider threat programs.
• Providing thought leadership and consulting support services to other NEOM sectors and entities for the development of insider threat programs.

Background, Skills & Qualifications Knowledge, Skills, Experience and Qualifications Educational Requirements

• Bachelors degree in Information Technology, Engineering, Computer Science, Information Systems, or a related technology field. A Masters degree is an added advantage.
• Specialized certifications such as PMP, Insider Threat Professional Certification (CCITP-A or CCITP-F) are beneficial.

Experience Requirements

• Minimum of 5-7 years of experience in fields related to counterintelligence, IT security, human resources, behavioral analysis, or insider threat mitigation.
• Proficiency in user activity monitoring systems and tools like UAM, SIEM, DLP, and UEBA.
• Experience with AI/ML technologies for operational efficiency.
• Experience in developing and executing work processes in a technical environment.
• Experience with policy writing and providing subject matter expertise and thought leadership

Skills And Abilities

• Excellent analytical and problem-solving skills with attention to detail.
• Ability to prioritize risks and handle confidential matters with appropriate judgment.
• Strong communication (verbal and written), project management, and interpersonal skills.
• Experience with data collection, mining, investigative techniques, and intelligence analysis.
• Ability to work effectively in a matrixed organization and with geographically distributed teams.
• Knowledge of regulations pertaining to Insider Threat programs.

Leadership and Management

• Experience leading teams focused on security, risk mitigation, and technology implementation.
• Ability to lead teams through change and develop team members.
• Good business judgment and ability to investigate complex matters independently.

Additional Requirements

• Possession of good business judgment.
• Ability to rapidly learn and understand advanced technical security principles.
• Strong analytical and quantitative skills; ability to use data and metrics for recommendations.

COMMUNICATION - MAIN STAKEHOLDERS Internal External

• CISO Team
• Human Resources
• Compliance
• IT Operational Teams
• Sector and Regional Leaders
• Business owners
• NEOM vendors, contractors, consultants, residents and school pupils

Keyskills :
policy writing Insider Risk Management Leadership Regulations Project management Sabotage Security Interpersonal User activity monitoring systems Privilege escalations Quantitative Analytical Data exfiltration Communication Risk Mitigation

About Company

NEOM

Job Source: careers.neom.com