We are looking for a Cyber Hunter and Technical Leader to build a next-generation Insider Risk program. You will lead a team of analysts and engineers, utilizing AI-driven behavioral analytics and cutting-edge Data Security Posture Management tools to detect anomalies in behavior .
As the Team Lead for Insider Risk & Data Defense, you will hold one of the most critical mandates in the organization: safeguarding our proprietary data, financial assets and trust aware culture.
What Youll Do:
Lead the "Internal Hunter" strategy: define the roadmap for the Insider Risk function, manage day-to-day operations, and mentor a team of high-performing analysts and engineers.
Architect and operate advanced protection suites: serve as the technical owner for DLP (Microsoft Purview), Insider Risk and DSPM solutions to visualize data flow and block unauthorized movement.
Build AI-driven risk models: leverage Machine Learning (ML) to establish user behavior baselines and detect subtle deviations indicative of account compromise, data exfiltration, or sabotage.
Oversee high-stakes investigations: manage the full incident lifecycle from initial alert and digital forensics to Root Cause Analysis (RCA) and executive reporting.
Drive automated response (SOAR): develop playbooks that trigger "containment" actions (e.g., revoking access, isolating endpoints) when high-confidence malicious activity is detected.
Optimize signal-to-noise ratio: relentlessly tune SIEM and UEBA logic to ensure the team is hunting real threats.
Harden lifecycle security: collaborate with IT and HR on "Joiner, Mover, Leaver" processes to ensure access is strictly governed at every stage of the employee journey.
Enable deep visibility: ensure telemetry coverage across all critical systems-from employees to privileged IT staff-to eliminate blind spots.
As the Team Lead for Insider Risk & Data Defense, you will hold one of the most critical mandates in the organization: safeguarding our proprietary data, financial assets and trust aware culture.
What Youll Do:
Lead the "Internal Hunter" strategy: define the roadmap for the Insider Risk function, manage day-to-day operations, and mentor a team of high-performing analysts and engineers.
Architect and operate advanced protection suites: serve as the technical owner for DLP (Microsoft Purview), Insider Risk and DSPM solutions to visualize data flow and block unauthorized movement.
Build AI-driven risk models: leverage Machine Learning (ML) to establish user behavior baselines and detect subtle deviations indicative of account compromise, data exfiltration, or sabotage.
Oversee high-stakes investigations: manage the full incident lifecycle from initial alert and digital forensics to Root Cause Analysis (RCA) and executive reporting.
Drive automated response (SOAR): develop playbooks that trigger "containment" actions (e.g., revoking access, isolating endpoints) when high-confidence malicious activity is detected.
Optimize signal-to-noise ratio: relentlessly tune SIEM and UEBA logic to ensure the team is hunting real threats.
Harden lifecycle security: collaborate with IT and HR on "Joiner, Mover, Leaver" processes to ensure access is strictly governed at every stage of the employee journey.
Enable deep visibility: ensure telemetry coverage across all critical systems-from employees to privileged IT staff-to eliminate blind spots.
Requirements:
5-6+ years of experience in cybersecurity, investigations, or risk analytics
2+ years in a leadership role (Team Lead or acting lead), with a passion for mentoring and developing talent
Knowledge of insider threat frameworks (CERT, NIST, ISO) and behavioral monitoring concepts
Experience working with internal stakeholders (HR, Legal, Compliance, IT, Security Operations)
Understanding of access governance, user activity telemetry, and internal policy enforcement
Strong communication skills – able to translate technical findings into clear business risk
Strategic mindset with strong attention to detail and operational execution
Investigative Mindset – You know how to connect the dots between digital logs
5-6+ years of experience in cybersecurity, investigations, or risk analytics
2+ years in a leadership role (Team Lead or acting lead), with a passion for mentoring and developing talent
Knowledge of insider threat frameworks (CERT, NIST, ISO) and behavioral monitoring concepts
Experience working with internal stakeholders (HR, Legal, Compliance, IT, Security Operations)
Understanding of access governance, user activity telemetry, and internal policy enforcement
Strong communication skills – able to translate technical findings into clear business risk
Strategic mindset with strong attention to detail and operational execution
Investigative Mindset – You know how to connect the dots between digital logs
This position is open to all candidates.
