Director of Insider Threat
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Chicago, IL 60601
The Director of the Insider Threat program is responsible for the strategic planning, development and oversight of Northern Trust’s Insider Threat program. As the lead this individual will be expected to develop / enhance policies, standards, procedures and technology with the goal of predicting, detecting and responding to insider threats while also addressing various components of malicious technical activity originating from misuse of authorized access to systems or data.
This role requires working closely with other Information Security peers, Compliance and Risk groups, business areas, Human Resource and Legal partners to develop a mature enterprise wide program.
? Operational management of an enterprise insider threat program – build, manage, recruit, document, and maintain a vibrant and dynamic program responsive to changing threats.
? Evaluation, review and approval of information protection policies and standards in order to establish a foundation for appropriately managing systems and insider threat.
? Active and professional engagement of business partners in conversations that drive insider risk informed decisions.
? Lead highly sensitive, complex and confidential high-tech insider threat investigations into incidents. These might include data loss / intellectual property theft, technology misuse and conflict of interest.
? Oversight of forensic preservation of electronically stored information and data analysis in support of insider threat cases and other corporate matters as required.
? Conduct and memorialize investigative interviews and generate investigative summary reports outlining the investigation process and results.
? Establishment and oversight of the tools, processes, and operations of user behavior analytics as well as the investigation team’s portion of an enterprise insider threat program.
? Conduct risk-based analysis of users and groups across entire enterprise; develop investigative action plans based on findings.
? Assurance that the program meets the requirements of our global regulatory agencies and company supported frameworks.
? Development of the program to ensure historical events and incidents are available and used to identify trends and methods of data loss.
? Work closely with our Security Awareness team to promote a culture of insider threat awareness within the organization.
? Ensure program is built to comply with NISTs Cyber Security Framework as well as other international regulatory frameworks.
? Minimum 7 years professional experience, including at least three years of insider threat program experience and two years involving financial services investigations or relevant insider threat, investigative or counter intelligence experience.
? History of independently leading investigations with minimal supervision.
? Experience performing security event and incident detection and handling in a large corporate environment, gathering and analysis of threat intelligence, computer network surveillance/monitoring.
? Strong background in performing insider threat analysis.
? Experience in IT cyber threat management, vulnerability testing, data security, security management reports and metrics.
? Aptitude for understanding internal organizational environments, their relationship to the external business environment and associated insider threats.
? Ability to develop a full and deep understanding of the information protection program as well as business operations.
? Developed understanding of how business initiatives create value and risk for organizations.
? Strong ability to convey complex information risk and security issues in a manner that is easily understood and actionable and constructively challenges prevailing thoughts and processes.
? Able to consistently, effectively defend approaches and solutions.
? Demonstrates an ability to construct, challenge, and manage choices.
? Able to effectively analyze risk within the context of business problems.
? Excellent analytical and problem-solving skills.
? Clear and concise written and verbal communication skills.
? Strong technical writing skills, with emphasis on policy/process development.
? Strong familiarity with cyber security technology and trends.
? Strong written and verbal communication skills with both technical and non-technical audiences.
? Self-starter with great personal initiative and the ability to work autonomously.
Required Education, Training &/or Certification:
? Bachelor’s degree; Master’s degree a plus.
? Industry-accepted certifications a plus (EnCE, CCE, GCFE, GCFA, GCIH, GREM, CFCE, CISSP, etc.).
About Northern Trust:
Northern Trust provides innovative financial services and guidance to corporations, institutions and affluent families and individuals globally. With 130 years of financial experience and nearly 20,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.
Working with Us: As a Northern Trust partner, you will be part of a flexible and collaborative work culture, which has a strong history of financial strength and stability. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company that is committed to strengthening the communities we serve!
We recognize the value of inclusion and diversity in culture, in thought, and in experience, which is why Forbes ranked us the top employer for Diversity in 2018.
We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and ethical companies. Build your career with us and apply today.