Wednesday, June 01, 2016

Cyber Insider Threat Director AIG Houston

Job Description:
AIG is seeking an enthusiastic, seasoned, and highly capable individual to lead the development of the AIG Cyber Insider Threat Program. With guidance from Information Security leadership, this individual will be responsible for program establishment, including program framework, strategy, technology and program governance standards and procedures.
This individual will also be responsible and accountable for all day-to-day operations in AIG’s efforts to predict, detect and respond to cyber insider threats. This position will report to the Senior Director of Threat Detection and Response, and will work closely with the Global Cyber-risk Defense Center, eDiscovery, Legal, HR, and various business unit security leads.

The cyber insider threat team as a whole will be responsible for the ongoing development of insider threat use cases, both independently and through collaboration with other AIG subject-matter experts. Expertise with various classes of technologies, such as User-based Analytics and Data Loss Prevention, is preferred, as this position will also influence program governance over both.

Position Responsibilities:

• Lead the development of the cyber insider threat program framework, strategy, and program governance standards and procedures in collaboration with Legal, Privacy, and Human Resources.
• Establish an Insider Threat Detection and Response capability maturity model.
• Use metrics to identify and communicate evolving maturity, team performance, technology gaps, and other measurements that will illustrate our progress toward the strategic plan.
• Lead the development and operationalization of Cyber Insider Threat Incident Response practices.
• Develop and maintain strong relationships with Legal, Privacy, HR, and Corporate Security.
• Establish relationships with leaders across the Information Technology organization to assure that the team has the proper privileges and access to rapidly identify and collect intelligence.
• Oversee development of insider threat use cases capitalizing on available detection platform data sources.
• Work closely with the Information Security architecture and engineering team to develop new tools and techniques for predicting, detecting and preventing insider threats.
• Continually evaluate changes to actor tactics, techniques and procedures to ensure technology strategy maintains pace with a changing threat landscape.
• Ensure the protection of AIG confidential information against unnecessary/unauthorized disclosure or access.
• Become recognized within AIG as an expert in Cyber Insider Threat Prevention, Detection, and Response.


Position Requirements:

Minimum Requirements (Knowledge, Skills, and Abilities):

• At least 10 years of relevant insider threat, intelligence, or investigative experience
• Demonstrated success in close working collaboration with cyber operations, intelligence, Human Resources, Legal, and senior leadership.
• Demonstrated expertise in both working in and handling extremely sensitive areas/materials, respectively.
• Experience handling investigations, leveraging legally sound practices (including chain of custody), the results of which are prosecutable case files.
• Experience developing and communicating recommendations to non-technical business areas.

Personal Attributes:

• Self-starter with a sense of urgency who takes ownership and responsibility for service delivery
• Works independently with minimal guidance to drive projects to completion, while also working collaboratively with the team to achieve strategic goals
• Professional, clear, and concise communication to both technical and non-technical audiences
• Analytical ability, attention to detail, problem solving, consultative skills, and creative thinking
• Proven organizational skills (time management and prioritization), and employs a rigorous process for all follow-up / coordination activities
• Position requires access to highly sensitive confidential material; integrity and discretion are mandatory

Experience: Minimum of ten (10) years of experience in eDiscovery, computer forensics, investigations, or similar Information Security discipline.

Formal Education & Certification
• Bachelor of Science in Computer Science, Information Systems, Software Engineering, or relevant military or law enforcement experience
• Active or previously held Security Clearance preferred

• Preferred Certifications:
o Certified Information Systems Security Professional – CISSP
o Insider Threat Program Manager – ITPM