Risk Manager, Insider Threat

Capital One

Location:
United States, McLean

Contract Type:
Not provided

Salary:
179400.00 - 245600.00 USD / Year

Job Description:

The Risk Manager, Insider Threat represents a unique opportunity for those with hands-on cybersecurity technical and operational experience who have a desire to leverage and enhance that expertise in a risk management organization. This individual will have the ability to use technical skills and cyber subject matter expertise to provide effective oversight, credible challenge, and expert advice to help manage and control risk associated with cyber operations. This position will play a key and influential role in assessing and challenging cybersecurity capabilities and operational effectiveness to drive action against areas of risk and concern. This role will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of cybersecurity controls, operational capabilities, and associated processes. This individual will provide subject matter expertise and oversight and effective challenge of key cybersecurity domains of Insider Threat, Threat Detection, and Incident Response. This role will contribute to the imposter and candidate integrity working groups and create materials for the conduct risk council.

Job Responsibility:

  • Provide advisory, oversight, and effective challenge to the 1st Line of defense
  • Provide technical assessments of cybersecurity controls design and effectiveness
  • Draft assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed
  • Stay current on emerging cyber threats and potential implications to the firm
  • Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives
  • Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups
  • Proven track record of leading, mentoring, and influencing others
  • Ability to communicate clearly in written and verbal form
  • Ability to manage multiple projects while maintaining superior results
  • Ability to work individually and cross-functionally
  • Execution oriented and a self-motivator

Requirements:

  • Bachelor’s degree or military experience
  • At least 3+ years of experience in the financial services industry or highly regulated industry (healthcare, energy, telecommunications)
  • At least 3+ years of experience in Insider Threat, including identifying imposters and fraudsters
  • At least 2+ years of experience in Incident Response within a Security Operations Center
  • At least 2+ years of experience with User and Entity Behavior Analytics (UEBA) or Security Incident and Event Management (SIEM) platforms
  • At least 2+ years of experience defining or tuning rules in UEBA and SIEM platforms
  • At least 2+ years of consulting, audit, or risk management experience

Nice to have:

  • 2+ years of Threat Intelligence experience, including the curation and operationalization of threat intelligence feeds
  • Familiarity with NIST Cybersecurity Framework controls, NIST 800-53, ISO 27000-1
  • Cybersecurity certifications such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC)
  • Cloud certifications for Amazon Web Services (AWS) or Google Cloud Platform (GCP)

What we offer:

  • comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being
  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)

Additional Information:

Job Posted:
March 22, 2026

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for Risk Manager, Insider Threat

Security Manager – Data Protection

The GPC Data Protection Manager leads the enterprise strategy to detect, investi...
Location:
Poland, Krakow
Salary:
Not provided
Genuine Parts Company
Expiration Date:
Until further notice
Requirements:
  • Management: Experience in managing at least 10 employees
  • Typically requires 5–10 years in cybersecurity or risk management, with a focused background in insider threat analysis or data protection
  • Extensive experience with data discovery/cataloging and insider risk tools
  • Proficiency in querying large datasets using SQL or Python to identify emerging threat patterns and fraud indicators
  • Strong cross-functional collaboration skills, with the ability to influence without direct authority and translate technical risks into business impact
  • Preferred credentials include CISSP (Security), or CISM (Management)
Job Responsibility:
  • Program Governance: Define and drive the multi-year technical roadmap for insider risk, aligning it with business needs and global privacy laws (e.g., GDPR, CCPA, DORA)
  • Behavioral Detection: Oversee User and Entity Behavior Analytics (UEBA) to establish behavioral baselines and detect anomalies, such as unusual data movement or unauthorized use of generative AI tools
  • Data Protection Management: Lead the selection, deployment, and optimization of the Data Protection stack (e.g., Microsoft Purview and Cyera) to identify and block risky data exfiltration
  • Incident Investigation: Participate with Global Incident Response team on deep-dive investigations into high-risk alerts, collaborating with Legal and HR to ensure ethical and defensible evidence collection
  • AI Guardrails: Implement specific controls to monitor and prevent sensitive data leaks into external Large Language Models (LLMs) and manage 'prompt injection' risks
  • Metrics & Reporting: Develop real-time dashboards to quantify risk posture and program effectiveness for executive leadership and the board of directors
  • Talent Cultivation: Prioritize hiring adaptable specialists who can navigate hybrid security environments and AI-driven threats
  • Mentorship & Coaching: Move from traditional surveillance-heavy oversight to a coaching-based model, providing 'real-time nudges' that educate employees on secure data handling rather than just penalizing mistakes
What we offer:
  • We offer comprehensive benefit plans and programs designed to support your health and wellness, provide income protection and build financial security for your retirement

Cloud Solution Architecture - Security (French Speaker)

We are looking for a Cloud Solution Architect (CSA), specializing in Security & ...
Location:
France, Multiple Locations
Salary:
Not provided
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, or related field AND experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting
  • OR equivalent experience
  • French language fluency
  • experience working in a customer-facing role (e.g., internal and/or external)
  • experience working on technical projects
  • Technical Certification in Cloud (e.g., Azure, Amazon Web Services, Google, security certifications)
  • Azure and Cloud Security Engineering
  • Infrastructure, Databases, Networking, Virtual Machines Security
  • Secrets and Keys security practices
  • Azure Identity (service principals - managed identities)
Job Responsibility:
  • Drive positive Customer Satisfaction & become a trusted advisor and be the Voice of Customer to share insights and best practices, connect with Global Security teams at Microsoft, Engineering and Product teams to remove blockers and influence the solution roadmap
  • Land an end-to-end value proposition for Security (i.e., Zero Trust) which spans the breadth of Microsoft Security offerings and with focus on Threat Protection, ID + Access Management and Cloud Security as you seek to understand customer requirements and map the adoption and optimization of Microsoft technology solutions accordingly
  • Position and deliver solutions that drive Security product usage as well as develop opportunities to drive Customer Success business results & help Customers get value from their Microsoft investments in alignment with the Customer Success Account Manager or other Account Team members
  • Identify resolutions to Customer blockers by leveraging SA subject matter expertise
  • Deliver according to Microsoft best practices & using repeatable IP and accelerate Business Value of overall Security adoption by improving security posture and ensuring that the solution exhibits “Secure by Design” framework, such as high-performance levels, security, scalability, maintainability, appropriate reusability, and reliability upon deployment
  • Align individual skilling to team/area demands & Customer Success goals and accelerate customer outcomes - Share expertise, contribute to IP creation & re-use to accelerate customer outcomes
  • Run Architectural Design Sessions to build a plan for implementing the solution – governing design in line with customer business goals and their technical environment
  • Collaborate and orchestrate with others in developing complex end-to-end Enterprise solutions with the Microsoft Security platform and modify and deliver existing intellectual property (IP) or, where applicable, create new content
  • Fulltime

Cloud Solution Architect - Security

Empower customers to achieve their goals through their investments in Microsoft ...
Location:
United States, Multiple Locations
Salary:
106400.00 - 203600.00 USD / Year
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, Liberal Arts, or related field AND 4+ years experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting OR equivalent experience.
  • Strong understanding of data security principles, including data classification, encryption, sensitivity labeling, and information protection policies
  • Deep knowledge of On-Prem Active Directory and Microsoft Entra ID
  • Proven experience delivering end-to-end Data Security projects using enterprise platforms
  • Microsoft Purview experience preferred (Information Protection, Data Loss Prevention, Insider Risk Management)
  • Hands-on experience with Data Loss Prevention (DLP), Microsoft Information Protection (MIP), sensitivity labels, Insider Risk Management (IRM), eDiscovery, Audit, Communication Compliance, and Data Lifecycle Management
  • Strong understanding of risk and compliance posture management
  • Proficiency with Microsoft Defender Suite (Endpoint, Identity, Office 365) and incident response workflows
  • Experience integrating Microsoft Defender with Microsoft Sentinel for advanced threat detection
  • Deep knowledge of Microsoft Entra ID (Azure AD), including RBAC, Conditional Access, authentication models (PTA/PHS, Federation), Privileged Identity Management (PIM), and governance features
Job Responsibility:
  • Drive positive customer satisfaction, act as a trusted advisor, and serve as the Voice of the Customer by sharing insights and best practices.
  • Collaborate with Microsoft Global Security, Engineering, and Product teams to remove blockers and influence solution roadmaps.
  • Deliver an end-to-end value proposition for Microsoft Security (e.g., Zero Trust) across the full portfolio, with emphasis on Threat Protection, Identity & Access Management, and Cloud Security.
  • Position and deliver solutions that increase security product usage, identify opportunities to drive Customer Success outcomes, and help customers realize value from Microsoft investments in partnership with Customer Success Account Managers and account teams.
  • Resolve customer blockers by leveraging subject matter expertise and Microsoft best practices.
  • Use repeatable IP to accelerate business value, improve security posture, and ensure solutions follow the “Secure by Design” framework for performance, scalability, maintainability, and reliability.
  • Align individual skilling with team and customer success goals.
  • Share expertise, contribute to IP creation and reuse, and accelerate customer outcomes.
  • Lead Architectural Design Sessions to define solution implementation plans aligned with customer business objectives and technical environments, achieving consensus on design and next steps toward production.
  • Collaborate and orchestrate with cross-functional teams to develop complex, end-to-end enterprise solutions using the Microsoft Security platform.
  • Fulltime

Asia Cyber Security Operations Lead

Citigroup seeks an experienced, proactive, and innovative Asia Cybersecurity Ope...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 15+ years of experience in cybersecurity and financial services
  • Demonstrated leadership experience within security operations or similar functions
  • Proven track record of contributing to and managing security operations and supporting transformative change
  • Strong understanding of the cyber threat landscape, attack vectors, and mitigation strategies
  • Expertise in aspects of Security Operations Centers (SOC), Incident Response, Hunting Operations, Threat Defense, Penetration Testing, Vulnerability Management, Red Team operations, threat intelligence, and cybersecurity models
  • Strong communication, interpersonal, and team collaboration skills, with the ability to operate effectively across diverse regional cultures
  • Ability to work effectively in a fast-paced, high-pressure environment
  • Cybersecurity Leadership: Demonstrated ability to lead and motivate cybersecurity teams, manage projects, and contribute to strategic direction under pressure across multiple functions (SOC, Offensive Security, VM, Fusion Center)
  • Strategic Thinking: Capacity to assist in developing and implementing comprehensive Cybersecurity strategy aligned with business objectives and industry best practices across the JANA and Asia South regions
  • Transformation & Innovation: Experience supporting large-scale cyber and digital transformations, fostering a culture of innovation and continuous improvement
Job Responsibility:
  • Contribute to and manage aspects of Cybersecurity Incident Response and Crisis Management within the JANA and Asia South regions
  • Oversee Hunting Operations and Threat Defense initiatives to proactively identify and neutralize threats
  • Lead and manage Penetration Testing, Vulnerability Management, and Red Team activities within the cluster
  • Support Third-party incident response and management processes
  • Assist in Critical Vulnerability response and remediation initiatives
  • Participate in and lead specific Cyber Exercises Program activities
  • Contribute to Cyber Threat Intelligence efforts and analysis
  • Support Cyber Data Analytics and reporting for regional operations
  • Assist in the development and implementation of Cybersecurity risk mitigation programs
  • Pro-actively support the Global Head in evolving the Cyber Fusion function and other cybersecurity operational capabilities, contributing to the development and implementation of a comprehensive strategy aligned with Citigroup's business enablement & efficiency objectives and security posture within the JANA and Asia South regions
  • Fulltime

Cloud Solution Architect - Security

Empower customers to achieve their goals through their investments in Microsoft ...
Location:
United States, Redmond
Salary:
106400.00 - 203600.00 USD / Year
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, Liberal Arts, or related field AND 4+ years experience in cloud/infrastructure technologies, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting OR equivalent experience
  • This position is not eligible for visa sponsorship. Candidates must have authorization to work in the United States that does not now or in the future require employer sponsorship
  • Strong understanding of data security principles, including data classification, encryption, sensitivity labeling, and information protection policies
  • Deep knowledge of On-Prem Active Directory and Microsoft Entra ID
  • Proven experience delivering end-to-end Data Security projects using enterprise platforms
  • Microsoft Purview experience preferred (Information Protection, Data Loss Prevention, Insider Risk Management)
  • Microsoft Security certifications such as SC-401, SC-200, SC-100, AZ-500
  • Microsoft Certified Trainer or equivalent
  • Industry-recognized certifications such as CISSP or equivalent
  • Hands-on experience with Data Loss Prevention (DLP), Microsoft Information Protection (MIP), sensitivity labels, Insider Risk Management (IRM), eDiscovery, Audit, Communication Compliance, and Data Lifecycle Management
Job Responsibility:
  • Drive positive customer satisfaction, act as a trusted advisor, and serve as the Voice of the Customer by sharing insights and best practices
  • Collaborate with Microsoft Global Security, Engineering, and Product teams to remove blockers and influence solution roadmaps
  • Deliver an end-to-end value proposition for Microsoft Security (e.g., Zero Trust) across the full portfolio, with emphasis on Threat Protection, Identity & Access Management, and Cloud Security
  • Position and deliver solutions that increase security product usage, identify opportunities to drive Customer Success outcomes, and help customers realize value from Microsoft investments in partnership with Customer Success Account Managers and account teams
  • Resolve customer blockers by leveraging subject matter expertise and Microsoft best practices
  • Use repeatable IP to accelerate business value, improve security posture, and ensure solutions follow the “Secure by Design” framework for performance, scalability, maintainability, and reliability
  • Align individual skilling with team and customer success goals
  • Share expertise, contribute to IP creation and reuse, and accelerate customer outcomes
  • Lead Architectural Design Sessions to define solution implementation plans aligned with customer business objectives and technical environments, achieving consensus on design and next steps toward production
  • Collaborate and orchestrate with cross-functional teams to develop complex, end-to-end enterprise solutions using the Microsoft Security platform
  • Fulltime

Staff Security Risk and Compliance Program Manager

We are seeking a highly experienced and technically proficient Staff Risk & Comp...
Location:
United States
Salary:
213200.00 - 250500.00 USD / Year
Confluent
Expiration Date:
Until further notice
Requirements:
  • 8+ years of experience in security program management
  • At least 5 years dedicated to Insider Threat, Corporate Security, or Data Loss Prevention (DLP) programs
  • Deep technical understanding of security controls, network architecture, endpoint security, cloud environments (e.g., AWS, Azure, GCP), and User and Entity Behavior Analytics (UEBA) or similar advanced detection technologies
  • Experience with evaluating & implementing identity & access management tools, endpoint security platforms, data loss prevention tools
  • Familiarity with forensic analysis techniques and legal hold processes related to electronic evidence
  • Strong project management and organizational skills
  • Exceptional analytical and problem-solving skills, with a data-driven approach to decision-making
  • Experience in running long-term, complex security programs that deliver iterative improvements and risk reduction
  • Excellent written and verbal communication skills
  • The ability to influence and lead without direct authority
Job Responsibility:
  • Define and drive the multi-year technical roadmap for the Insider Threat program, focusing on advanced detection methods, behavioral analytics, technical countermeasures, and integration with existing security and IT infrastructure
  • Lead the planning, execution, and delivery of complex, multi-functional technical projects within the Insider Threat domain
  • Act as the primary liaison between Trust & Security and key partners and stakeholders
  • Translate operational needs and intelligence into clear technical requirements and specifications for engineering implementation
  • Drive the selection, deployment, and optimization of technical tools and platforms such as DLP, endpoint security platform, to identify, score, and alert on anomalous or high-risk user behavior
  • Partner with Legal and HR to ensure all technical controls and monitoring capabilities are compliant with global privacy laws, company policies, and ethical guidelines
  • Establish and refine the technical incident response and mitigation processes for insider threats
  • Develop metrics and dashboards to track program effectiveness and technical control performance
  • Develop training content, ensure employees understand the expectations of Acceptable User Policy
What we offer:
  • Remote-First Work
  • Robust Insurance Benefits
  • Flexible Time Away
  • The Best Teammates
  • Experience Ambassadors
  • Open and Honest Culture
  • Well-Being and Growth
  • Offers Equity
  • Fulltime

Financial Investigations Manager

In this role, you will lead end-to-end insider-threat investigations across AML,...
Location:
United States, San Francisco; New York
Salary:
120000.00 - 185000.00 USD / Year
Airwallex
Expiration Date:
Until further notice
Requirements:
  • 5 years conducting insider‑threat investigations in a financial institution, technology company, or similar regulated environment
  • Strong understanding of financial‑crime typologies, data‑privacy regulations, and investigative legal frameworks
  • Advanced data analysis skills; proficiency with BigQuery/SQL/Python and data‑visualization tools
  • Excellent written/verbal communication in both English and Chinese; ability to work independently within a globally dispersed team; high integrity/discretion
Job Responsibility:
  • Lead end‑to‑end insider‑threat investigations (AML, CTF, anti‑bribery, sanctions, fraud, expense fraud, COI, and related risks)
  • Analyze large, complex datasets to detect patterns, anomalies, and indicators of insider activity
  • Develop and share insider‑threat typologies and intelligence; contribute to an intelligence‑driven feedback loop with Operations, Risk Product, and Commercial
  • Advise senior stakeholders; produce clear investigative reports and present findings to internal committees and leadership
  • Maintain awareness of evolving threats, best practices, and regulatory requirements relevant to insider risk and financial crime
What we offer:
  • Offers Equity
  • Offers Bonus
  • medical, dental, and vision insurance
  • a 401(k) plan
  • short-term and long-term disability
  • basic life insurance
  • well-being benefits
  • 20 paid days of vacation
  • 12 paid days of company holidays
  • Fulltime

Third Party Risk Manager

A highly motivated and hands-on professional to join the Supply Chain Security (...
Location:
Netherlands, Amsterdam
Salary:
Not provided
Levy Professionals
Expiration Date:
Until further notice
Requirements:
  • Knowledge and experience with setting up projects & deliverables within supply chain security / Third-Party Risk Management (TPRM)
  • Proven experience in executing information security risk assessments
  • Knowledgeable on one or more areas such as security processes, technology architectures, network security, application security, and vulnerability management
  • Experience with the ServiceNow TPRM module is a significant advantage
  • HBO or University degree
  • Excellent stakeholder management skills
  • A strong ability to translate technical risks into business risks and vice versa
  • Hands-on, self-organised, willing to finish and deliver (execution power)
  • Service-oriented professional who enjoys taking on an internal consultancy role
  • The working language within the team is English
Job Responsibility:
  • Govern and manage IT vendor relationships concerning performance on the security aspects of underlying contractual obligations
  • Execute Vendor Security Risk Assessments and perform necessary follow-up actions, focusing on material risks
  • Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors
  • Review the applicability and quality level of assurance reports issued by third parties
  • Manage the IT security-related part of vendor contracts, working closely with 2nd line functions such as legal, compliance, and procurement on contractual changes
  • Actively stay up-to-date with emerging cyber security trends, risk, and threat developments, and share this knowledge to help integrate them into the assessment program
  • Help solve security-related questions, take initiative, and escalate in time if needed
  • Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering
  • Work according to the DevOps & Agile methodology, improving Supply Chain Security services based on user stories
  • Occasionally investigate and resolve incidents as they occur