The Senior Manager – Insider Risk Detection & Response (IRDR) is responsible for owning and operating the enterprise insider risk program, global operations, and managing a team focused on identifying, analyzing, and mitigating insider threats that could harm the organization’s people, data, operations, or reputation while partnering closely with Cyber Security, Legal, HR, Privacy, and Physical Security.

The role oversees daily detection and response workflows, sets program strategy, ensures compliance, and drives maturity while enabling business operations safely.

Core Responsibilities

1\. Program Leadership & Strategy

 * Develop and maintain the organization’s Insider Risk Program roadmap.
 * Define governance models, policies, workflows, and escalation paths.
 * Align program outcomes with enterprise cybersecurity, legal, HR, and compliance goals.
 * Lead maturity improvements in detection, analytics, automation, and response.
 * Provide executive-level posture and insights of the program.

2\. Stakeholder Engagement & Cross-Functional Collaboration

 * Partner closely with HR, Legal, Privacy, Compliance, Physical Security, and SOC leadership.
 * Communicate complex findings to executive leadership in a business-friendly way.
 * Educate stakeholders on insider risk trends, escalations, and recommended controls.
 * Partner with Legal and Privacy to guide responsible data usage and handling.

3\. Team Leadership & Operational Management

 * Lead, mentor, and develop a team of insider threat analysts and investigators.
 * Manage workload distribution, case assignments, and performance.
 * Develop training, playbooks, and skill development pathways for the team.
 * Foster a culture of confidential, ethical handling of sensitive issues.

4\. Detection & Monitoring Oversight

 * Oversee insider threat detection across tools such as:
   * Microsoft Purview Insider Risk Management
   * SIEM/SOAR platforms (e.g., Sentinel, Splunk)
   * Endpoint DLP, CASB, user activity monitoring tools
 * Ensure appropriate telemetry coverage, alert logic, and risk scoring models.
 * Continuously tune detection rules to reduce false positives and improve fidelity.

5\. Incident Response & Investigations

 * Lead investigations into potential insider threat events involving:
   * Data exfiltration
   * Intellectual property theft
   * Privileged user / role misuse
   * Malicious or accidental violations of export control regulations (in partnership with Trade/Legal)
 * Coordinate cross-functional response with HR, Legal, Privacy, Compliance, Physical Security, IT, and Security Ops.
 * Ensure investigations are conducted with a high degree of discretion and integrity.
 * Prepare and deliver incident reports, root-cause summaries, and mitigation recommendations.

6\. Reporting & Metrics

 * Executive dashboards aligned to enterprise scorecards: Risk trend analysis, Country / BU risk scoring etc.
 * Program maturity / KPIs: detection coverage, cases handled, response times, etc.
 * Recommend policy updates, preventive controls, and automation based on insights.

7\. Technology, Vendor & Budget Management

 * Oversee external vendors and managed services supporting the program.
 * Own tooling strategy, vendor selection, and lifecycle management.
 * Manage budget and resources for global insider-risk capabilities.

Required Skills & Qualifications

Technical Skills

 * Deep understanding of insider threat frameworks (NIST, MITRE, CERT Insider Threat Center, etc.).
 * Knowledge in:
   * SIEM/SOAR platforms (Google SecOps, Exabeam, Splunk, etc.)
   * Data Governance, Data Loss Prevention (FAM, DLP, CASB)
   * Endpoint and network telemetry (EDR, Email Security Gateway, Firewall etc.)
   * Identity & Access Management (IGA, Badge, SSO, MFA etc.)
 * Expertise in UEBA (User and Entity Behavior Analytics) platform / solutions.
 * Knowledge of cloud platforms and modern workplace environments (M365, Azure, SaaS apps).

Investigative & Analytical Skills

 * Strong case management, documentation, and evidence-handling discipline.
 * Ability to analyze behavioral patterns and correlate multi-source telemetry.
 * Experience conducting sensitive, confidential investigations.
 * Ability to balance technical evidence with human behavior/context.

Leadership & Communication Skills

 * Experience managing investigations or cybersecurity teams.
 * Excellent communication skills—able to present findings to executives.
 * Ability to work with cross-functional partners discreetly and collaboratively.
 * Strong decision-making under pressure.

Behavioral & Soft Skills

 * High level of integrity and trustworthiness.
 * Discretion when handling sensitive employee data.
 * Strong empathy and emotional intelligence (critical for HR/legal collaborations).
 * Ability to operate in ambiguous situations with minimal information.

Qualifications

 * 10–15+ years in cybersecurity, threat detection, digital forensics, or incident response.
 * 5–7+ years in a leadership or management role.
 * Certifications such as:
   * CISSP, CISM
   * GIAC Insider Threat (GSIP)
   * GIAC Cyber Threat Intelligence (GCTI)
   * CIPP or other privacy certifications

Experience implementing insider risk programs in large, matrixed global enterprises

## Qualifications

### Education:

Bachelor's Degree (Required)

### Skills

Data Loss Prevention (DLP), Identifying Risks, Information Security Risk, Intellectual Property Protection, Risk Management

### Certifications:

### Languages:

### Years of Experience:

7 - 10 Years

### Work Experience:

## Additional Information

### Shift:

10-Day 8-Hr (United States of America)

### Travel:

### Relocation Eligible:

No

### Referral Payment Plan:

Employee Referral (Standard)

U.S. Salary Range:

$176,000.00 - $242,000.00

The salary offered to a selected candidate will be based on multiple factors including location, hire grade, job-related knowledge, skills, experience, and with consideration of internal equity of our current team members. In addition to a comprehensive benefits package, candidates may be eligible for other forms of compensation such as participation in a bonus and a stock award program, as applicable.

For all sales roles, the posted salary range is the Target Total Cash (TTC) range for the role, which is the sum of base salary and target bonus amount at 100% goal achievement.

Applied Materials is an Equal Opportunity Employer committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, citizenship, ancestry, religion, creed, sex, sexual orientation, gender identity, age, disability, veteran or military status, or any other basis prohibited by law.