Full-Time Detection Engineering Lead (Insider Risk)

This is an exciting opportunity for a technically strong cybersecurity professional to take the next step into a leadership role. As Detection Engineering Lead (Insider risk), you'll play a central role in building a scalable insider risk management program from the ground up. You'll use your hands-on experience in incident response, threat detection, and forensic analysis to lead investigations, develop processes for detecting and responding to insider threats. This role is for someone looking to expand from technical execution to owning strategy, process design, and stakeholder collaboration. You'll work closely with cross-functional teams (HR, Legal, Cybersecurity, and Technology) to assess insider risks, manage cases, and implement mitigation strategies.

Key Responsibilities Include:

1. Building a resilient insider threat program aligning with business goals and security standards.
2. Developing and maintaining automations, workflows, tools, and processes to detect and respond to high-risk insider activities.
3. Working with cross-functional teams to classify, report, and resolve insider risks, enhancing incident response procedures.
4. Serving as a reliable point of contact for insider risk matters, ensuring timely updates and alignment with senior leadership.
5. Implementing and overseeing monitoring systems for behavioral anomalies, enabling early detection of suspicious insider activities.
6. Collaborating with awareness teams to identify emerging threat tactics, promote risk-reducing behaviors, and prevent data loss/misuse.
7. Breaking down complex security challenges into clear, understandable messages to empower leaders.
8. Coordinating with Business Units, Security Operations, HR, Legal, and Compliance teams to address insider risks holistically and efficiently, maintaining strict confidentiality.
9. Creating and maintaining meaningful use cases in UEBA and monitoring tools for early detection and prioritization of risky behaviors.
10. Defining metrics and KPIs to clearly communicate program health and progress to senior leadership.
11. Continuously refining rules, analytics, and detection logic to adapt to evolving threats and elevate detection capabilities.
12. Aligning the insider risk program roadmap with organizational priorities for long-term relevance and impact.
13. Identifying and scoping insider risks through detailed analysis, evidence collection, and sound judgment.
14. Monitoring unauthorized activities while adhering to legal and privacy guidelines.
15. Evaluating and refining behavioral detection models to stay ahead of insider threat patterns and false positives.
16. Producing intelligence reports synthesizing diverse data points into actionable insights.
17. Aligning team projects and goals with broader organizational strategy.
18. Mentoring junior analysts to build a strong team culture.

What is the last date for applying to the job?

Which countries are accepted for this remote job?