Insider Threat Program Lead - SME

Job Requirements Washington, DC Clearance Unspecified Polygraph not specified Management (Manager/Director of Staff) Salary not specified Join Premium to unlock estimated salaries

Job Description Insider Threat Program Lead Location:

Washington, DC The Insider Threat Lead will design, mature, and oversee insider threat detection, analysis, and investigative support capabilities for a federal enterprise environment. The Lead will integrate user activity monitoring, behavioral analytics, threat intelligence, and investigative workflows to identify and mitigate malicious, negligent, or compromised insider activity. The ideal candidate possesses experience supporting insider threat programs within federal, intelligence community, law enforcement, or highly regulated environments.

• Contingent upon award Key Responsibilities
• Lead insider threat operations, analytics, and investigative support activities.
• Develop insider threat detection methodologies and behavioral analytics use cases.
• Coordinate with SOC, CTI, HR, legal, counterintelligence, and security stakeholders.
• Develop insider threat monitoring strategies leveraging: o UEBA, o SIEM, o EDR, o DLP, o and identity telemetry.
• Lead investigations involving: o data exfiltration, o privilege misuse, o anomalous behavior, o credential abuse, o and policy violations.
• Develop insider threat reporting, escalation, and case management procedures.
• Conduct threat assessments and risk-based prioritization.
• Support development of insider threat dashboards, metrics, and executive briefings.
• Assist with policy development, governance, and workforce awareness initiatives.
• Participate in oral presentations and technical solution development. Required Qualifications
• 10+ years of cybersecurity, counterintelligence, investigations, or insider threat experience.
• 5+ years supporting insider threat or behavioral analytics programs.
• Experience supporting federal agencies or classified environments.
• Experience with: o UEBA platforms, o SIEM analytics, o DLP, o identity analytics, o and investigative workflows.

Knowledge of:

o NIST insider threat guidance, o behavioral analytics, o digital forensics, o and investigative methodologies.

• Strong briefing and stakeholder coordination skills. Preferred Certifications
• CISSP
• CISM
• GCFE
• GCFA
• CIPP
• Insider Threat Program Manager certifications
• Behavioral analytics or fraud investigation certifications group id: 91135725 N Name Hidden Senior Technical Recruiter Apply now