Deloitte

Cyber Insider Risk Manager

Deloitte$134K — $265K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 6+ years in insider risk, security operations, investigations, compliance, or enterprise risk management
  • 2+ years managing insider risk programs or investigations
  • Proficient in Security Information and Event Management (SIEM) and Data Loss Prevention (DLP) tools
  • Experience creating insider risk procedures and metrics
  • Collaborative experience with cross-functional teams including HR, Legal, and Security
  • Willingness to travel up to 50%
  • Limited immigration sponsorship may be available

Responsibilities

  • Develop insider risk program strategies and assessments
  • Oversee a team managing insider risk inquiries
  • Lead client workshops and document program requirements
  • Align insider risk indicators with industry standards
  • Design and implement insider risk detection use cases
  • Evaluate insider risk scenarios and prioritize monitoring capabilities

Benefits

  • Opportunity to work on a variety of risk and compliance programs
  • Access to training and mentoring for continued professional development
  • Collaboration with cross-functional teams in a dynamic environment
  • Potential for participation in an annual incentive program
  • Work in a company recognized for its advisory and implementation services
Full Job Description
Cyber Defense & Resilience - Insider Risk Manager

Recruiting for this role ends on 12/31/2026.

Work you'll do

As an Insider Risk Manager on the Cyber team, you will be responsible for:
• Developing comprehensive strategies for insider risk programs, including program assessments and roadmaps, using Deloitte's Insider Risk capability framework and industry practices
• Assisting in the operation of client insider risk programs, overseeing a dedicated team of investigators in the triage, analysis, investigation, and remediation of insider risk-related inquiries
• Leading client workshops, interviews, and process walkthroughs with cross-functional stakeholders, including Human Resources, Legal, Privacy, and Security, to document business processes, goals, and program requirements
• Aligning insider risk indicator and policy development with business needs and industry-leading standards, frameworks, and practices, including the CERT Insider Threat Framework, National Insider Threat Task Force guidelines, and MITRE ATT&CK for Enterprise
• Designing and implementing insider risk detection use cases, monitoring processes, and escalation workflows using Security Information and Event Management, User and Entity Behavior Analytics, and Data Loss Prevention capabilities
• Evaluating insider risk scenarios, high-risk user groups, and crown jewel assets to help clients prioritize and deploy monitoring, detection, response, and program management capabilities

A successful candidate would possess these skills:
• Ability to work independently and collaborate as part of a team
• Effective written and verbal communication skills
• Meticulous attention to detail and quality of work product
• Ability to build and sustain professional relationships
• Ability to lead projects or workstreams
• Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
• Strong interpersonal skills and professional demeanor
• Ability to meet deadlines
• Ability to mentor and provide clear guidance to others

The team

Deloitte's Cyber team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated business and cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs. We work across a variety of different risk and compliance programs that extend well beyond Cyber Risk. Learn more about Deloitte Advisory's Cyber Risk Services practice.

Qualifications

Required:
• 6+ years of experience in insider risk, security operations, investigations, compliance, data protection, or enterprise risk management
• 2+ years of experience managing an insider risk program or conducting insider risk investigations and monitoring insider risk behaviors
• Experience using Security Information and Event Management, User and Entity Behavior Analytics, and Data Loss Prevention tools to support insider risk operations
• Experience developing insider risk procedures, playbooks, workflows, metrics, or governance models
• Experience working with cross-functional stakeholders such as Human Resources, Legal, Privacy, Ethics, or Security
• Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve
• Limited immigration sponsorship may be available.

Preferred:
• Bachelor's degree or equivalent experience
• Experience in consulting or professional services
• Experience responding to and recovering from cybersecurity incidents
• Hands-on experience configuring, tuning, and operationalizing UEBA and/or User Activity Monitoring (UAM) platforms to support insider risk detection (e.g., Splunk UEBA, Proofpoint ITM, Microsoft Purview IRM, etc.)
• Hands-on experience with at least one Data Loss Prevention solution such as Microsoft Purview, Proofpoint DLP, or Zscaler DLP
• One or more of the following certifications: CERT Insider Threat Program Manager Certificate, CERT Insider Threat Analyst, CERT Insider Risk Measure Management Measures of Effectiveness, Certified Information Systems Security Professional, Certified Information Privacy Professional, Certified Information Security Manager, or Certified Information Systems Auditor

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $134,500 to $265,100.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

About Deloitte

Deloitte is a multinational professional services network that provides audit, tax, consulting, enterprise risk and financial advisory services. The company was founded in London in 1845 and has since grown to become one of the largest professional services firms in the world. Deloitte has over 330,000 employees in more than 150 countries and territories. The company's mission is to help clients achieve their goals and make an impact that matters in their businesses and communities.
Learn more about Deloitte
Size
330,000 employees
Industry
Founded
1999

Similar Jobs

More Jobs at Deloitte

More Information Technology Jobs

Find similar Cyber Insider Risk Manager jobs: