DescriptionGlobal Security (GS) protects the firm's employees and assets throughout the world. This responsibility includes the development of security and safety policies and procedures, regulatory and legislative compliance, corporate aviation, guard management, alarm response, crisis management, ATM, branch and corporate building security and customer safety, physical crime investigations, workplace violence, fire and life safety, pre-employment screening, fraud and employee investigations.
Within GS, the Threat Detection and Analysis team is responsible for identifying potential threats against the firm and its workforce from internal and external actors and developing strategies to mitigate those threats to protect the firm’s reputation, workforce, clients, and assets.
This VP position will be responsible for development and delivery of cutting-edge enterprise-wide solutions to detect, analyze and mitigate insider risks and overseeing triage of insider events and risk analysis by a team of analysts. The candidate must be a highly motivated individual with strong interpersonal skills able to leverage their insider threat, counterintelligence, and/or threat analysis experience to work on multiple assignments in accordance with dynamic priorities in a fast-paced environment. The position will work closely with various partners within the firm including but not limited to HR, Legal, Cybersecurity, and Technology, as well as external parties. The ability to work effectively with a diverse set of stakeholders is essential. The role requires critical thinking, strong communication skills, creativity, and the ability to work effectively across a large global organization.
Scope:
- Responsible for critical strategic deliverables for the Insider Risk Program executed in accordance with data privacy and legal requirements and expectations.
- Supervise and lead a team of analysts conducting triage of events generated by monitoring use cases, producing contextual data-driven analysis of insider incidents, risk analysis, and threat assessment.
- Facilitate referral of anomalous activity for investigation, escalation to other SMEs, and cross-functional coordination of mitigation strategies.
- Monitor internal and external Intel for notable insider events & coordinate insider incident topology analysis for risk and response action assessment.
- Provide SME-level support for insider matters leveraging deep knowledge of insider risk and counterintelligence.
- Communicate complex problem sets in succinct and clear manner that is understandable to a variety of audiences across the firm.
- Align and socialize program matters across multiple stakeholders, senior managers, and executives; synthesize findings and present updates and recommendations.
- Manage program governance documentation, including definition of roles and responsibilities and ensure compliance with the control environment.
- Work and collaborate with critical stakeholders within the firm, financial sector, across other industries and the U.S. Government, to stay abreast of industry trends and best practices.
Qualifications:
- 8-10 years of work experience supporting insider threat and/or counterintelligence program, investigations or risk analysis.
- Direct experience serving as an insider threat/risk program manager or senior analyst in industry or government assessing complex threats; scoping and developing mitigation strategies in coordination with cross-disciplinary teams.
- Minimum of an Undergraduate degree, preferably a master’s degree related to Intelligence Studies, Forensic Science, Security Studies, Computer Science, Cybersecurity, Data Analysis, or a related field.
- Experience conducting risk assessments and in-depth multi-source research on threat actors, tactics, techniques, and emerging trends to inform risk scenarios, evaluate control environment and develop mitigation strategies.
- Experience conducting or providing analytical support to insider threat/risk, counterintelligence, criminal, cybersecurity, and/or other types of investigations.
- Experience supervising direct reports, defining, and managing business objectives and outcomes.
- Proven ability to strategize and demonstrate ‘out of the box’ thinking and creativity to solve complex problems and deliver practical and effective results.
- Experience in analysis, design, implementation, and management of enterprise-wide security initiatives related to insider risk.
- Experience building successful sustainable relationships across lines of business and with technical partners to develop solutions.
- Ability to handle pressure associated with complex projects in a demanding environment.
- Very strong oral and written communication skills, with focus on attention to detail; experience communicating with senior leadership levels.
- Strong negotiation and influence skills with all levels of organization to achieve business results.
Highly Desired:
- Experience in or knowledge of private sector including but not limited to the financial industry.
- Insider Threat (e.g. CERT courses, CCITP, GCITP, etc.), Counterintelligence, analytical and/or security tradecraft training and certifications
- Behavioral Science/ Behavioral Analysis/Behavioral Threat Assessment experience or training.
- Experience with User Activity Monitoring (UAM), User Behavior Analytics (UBA) principles and tools, rules and policy engines, other insider threat technical solutions and data analytics platforms.