CISO managing information security and privacy governance at Puzzel, a leading cloud - based contact center provider in Europe. Engaging with stakeholders for compliance and risk management.
EB
Hybrid Lead, Cybersecurity Insider Risk Management
Posted last month
About the role
- Lead Cybersecurity Insider Risk Management role protecting sensitive data at Equitable Bank. Joining a top FinTech in advancing insider risk strategy and cybersecurity capabilities.
Responsibilities
- Own and lead the insider risk program strategy, governance framework, and roadmap.
- Define policies, standards, and procedures for insider risk management aligned with regulatory and organizational requirements.
- Develop and report on KPIs and metrics to measure program effectiveness and maturity.
- Lead the selection, assessment, and proof-of-concept (POC) for insider risk management tools (e.g., DLP, UEBA, SIM, CASB).
- Architect and implement advanced insider risk detection and response capabilities leveraging behavioral analytics, machine learning, and automation.
- Leverage AI-driven tools and automation to enhance efficiency, accuracy, and scalability of the insider risk management program.
- Integrate insider risk monitoring with broader cybersecurity platforms and threat intelligence feeds.
- Oversee day-to-day insider risk operations, ensuring timely detection, triage, and resolution of alerts.
- Define and maintain high-risk user groups, implementing automation for dynamic updates.
- Direct investigations into suspicious activities, ensuring proper documentation, evidence handling, and escalation.
- Monitor insider risk users through IRM alerts, DLP alerts, UEBA alerts, and database activity monitoring (DAM) alerts.
- Detect anomalous queries, unauthorized schema changes, or mass data exports, correlating database activity with user behavior analytics (UEBA).
- Deploy DAM tools to track queries, changes, and access patterns; set alerts for suspicious activities like bulk data extraction or unusual query patterns.
- Integrate DAM logs with SIEM for centralized monitoring.
Requirements
- Bachelor in Computer Science or related field.
- At least seven (7) years of information security and information risk experience.
- Expertise in insider risk platforms and technologies: DLP, IRM, UEBA, SIEM, CASB, EDR
- Strong knowledge of database security principles, encryption, and DAM tools
- Proficiency in scripting and automation (Python, PowerShell) for alert enrichment and remediation workflows.
- CISSP or similar certification is preferred.
- Ability to work in a fast-paced environment with minimal guidance and supervision.
- Ability to adapt to constantly changing technical, regulatory, and compliance environments.
- Good verbal and written skills are important.
- Experience working in a banking or financial services environment is an asset.
- Ability to think out of the box for solutions to technical problems.
Benefits
- Competitive discretionary bonus
- Market leading RRSP match program
- Medical, dental, vision, life, and disability benefits
- Employee Share Purchase Plan
- Maternity/Parental top-up while you care for your little one
- Generous vacation policy and personal days
- Virtual events to connect with your fellow colleagues
- Annual professional development allowance and a comprehensive Career Development program
- A fulfilling opportunity to join one of the top FinTechs and help create a new kind of banking experience
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Manager of IT Support & Endpoint Security overseeing service desk operations and endpoint security strategies. Leading a team to deliver high - quality technical support and manage IT security policies.
Senior Security Officer responsible for security and safety duties in acute care settings. Providing armed presence and response, coordinating with law enforcement as required.
Security Officer overseeing sensitive information protection and compliance with regulations. Collaborating with internal teams ensure security policy implementation and risk management under EU standards.
Technical consultant addressing information security risks for USAA and guiding strategic security direction. Leading peers in assessing security strategies and educating on best practices.
Technical Recruiter for BGS managing recruitment of Cybersecurity and IT professionals. Collaborating with technical teams to identify skill requirements and enhance talent acquisition processes.
Security and Privacy SME at Dynanet Corporation responsible for data management compliance and governance guardrails. Ensuring secure data handling and adherence to federal regulations.
PAM Manager responsible for strategy, roadmap, and operations of PAM program at Intact. Leading a team to safeguard privileged identities and secrets across various environments.
Senior Cybersecurity Vulnerability Management Versatilist at Boeing. Protecting the IT ecosystem by innovating vulnerability management solutions and leading security initiatives.
Entry level Associate Security Engineer at Navy Federal securing technical infrastructure and workloads with operational capabilities and threat monitoring practices.