Senior Manager, Insider Threat Incident Response

United States, Bethesda Employment contract 110400.00 - 184300.00 USD / Year · Job Posted June 29, 2026
Job Description

Responsible for operating and evolving a framework for insider risk incident response and mitigation supporting the Global Insider Threat Management Program. Duties will include overseeing incident response to insider incidents and collaborating with multiple areas of the business, including managers, human resources, franchise services, legal, investigations, physical security, SOC/CIRT, and information technology groups. The Sr. Manager will manage incidents cradle-to-grave, from response through problem and vulnerability mitigation by means of additional controls, processes and training. This includes assisting with program metrics (KPI/KRI) to ensure the advancement of the program across the enterprise, while mitigating human risk to the organization.

Job Responsibility

  • Operate and improve an existing process to respond to and mitigate insider threats
  • Conduct complex, confidential investigations into potential insider threats involving data exfiltration, sabotage, fraud, or behavioral anomalies in partnership with CIRT/SOC, Department of Investigations, HR, Legal teams and others
  • Responsible for gathering relevant intelligence regarding insider threat tactics, techniques, and procedures
  • Contribute to the continuously evolving Global Insider Threat Management Program roadmap, technology stack, and governance
  • Act as a technical subject matter expert to enhance adjacent programs such as incident response, threat hunting, and custom detection development
  • Develop and report on key metrics of the insider threat management program
  • Perform analysis of incident trends and outcomes for Insider Threat hunt pivoting and business communications to address identified issues
  • Manage the analysis of artifacts to determine potential specific adversary and motives
  • Respond to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats and comply with relevant data breach laws
  • Conduct assessments of threats and vulnerabilities, determine deviations from acceptable configurations or enterprise or local policy, assess the level of risk, and develop and/or recommend and operationalize appropriate mitigation countermeasures
  • Identify and assess the capabilities and activities of
  • produce findings to help initialize or support law enforcement and counterintelligence investigations or activities
  • Synthesize and place regulatory and intelligence information in context; draw insights about the possible implications

Requirements

  • Bachelor's degree or equivalent experience/certification
  • 7+ years' experience in insider threat/risk, or information security that includes cross-functional incident response, risk assessments, threat mitigation, and/or investigative support
  • Experience conducting interviews of witnesses and subjects of wrongdoing, and producing written documentation for legal and HR counterparts
  • Strong computer use skills, including Microsoft Outlook, Word, Excel, SharePoint and other applications

Nice to have

  • Current certifications, including Certified Insider Threat Program Manager, Certified Insider Threat Vulnerability Assessor, Certified Threat Manager
  • Project management skills
  • Excellent communication skills and problem-solving ability
  • Demonstrated ability to work independently and with others
  • Ability to manage the details and compliance with standards and expectations
  • Prior experience with SIEM, UEBA, and DLP

What we offer

  • 401(k) plan
  • stock purchase plan
  • discounts at Marriott properties
  • commuter benefits
  • employee assistance plan
  • childcare discounts
  • medical
  • dental
  • vision
  • health care flexible spending account
  • dependent care flexible spending account
  • life insurance
  • disability insurance
  • accident insurance
  • adoption expense reimbursements
  • paid parental leave
  • educational assistance

Similar Jobs for Senior Manager, Insider Threat Incident Response

8 matching positions

Risk Manager, Insider Threat

The Risk Manager, Insider Threat represents a unique opportunity for those with ...
Location
United States, McLean; Richmond; Plano; New York
Salary:
179400.00 - 245600.00 USD / Year
Capital One
Expiration Date
Until further notice
Requirements
  • Bachelor’s degree or military experience
  • At least 3+ years of experience in the financial services industry or highly regulated industry (healthcare, energy, telecommunications)
  • At least 3+ years of experience in Insider Threat, including identifying imposters and fraudsters
  • At least 2+ years of experience in Incident Response within a Security Operations Center
  • At least 2+ years of experience with User and Entity Behavior Analytics (UEBA) or Security Incident and Event Management (SIEM) platforms
  • At least 2+ years of experience defining or tuning rules in UEBA and SIEM platforms
  • At least 2+ years of consulting, audit, or risk management experience
Job Responsibility
  • Provide advisory, oversight, and effective challenge to the 1st Line of defense
  • Provide technical assessments of cybersecurity controls design and effectiveness
  • Draft assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed
  • Stay current on emerging cyber threats and potential implications to the firm
  • Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives
  • Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups
  • Proven track record of leading, mentoring, and influencing others
  • Ability to communicate clearly in written and verbal form
  • Ability to manage multiple projects while maintaining superior results
  • Ability to work individually and cross-functionally
What we offer
  • comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being
  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • Fulltime

Senior Security Engineer, Threat Intelligence

As a Senior Security Engineer specializing in Threat Intelligence on the Detecti...
Location
United States; Canada
Salary:
156000.00 - 210000.00 USD; CAD / Year
1Password
Expiration Date
Until further notice
Requirements
  • 5+ years of experience in technical security engineering roles
  • 3+ years focused on threat intelligence
  • Strong understanding of modern attacker TTPs, including cloud-native, SaaS, identity-focused, and insider-adjacent threat patterns
  • Experience developing intelligence requirements, prioritization frameworks, analysis workflows, and emulation scenarios
  • Hands-on experience with scripting or automation (e.g., Python, APIs, SOAR workflows) to improve operational efficiency and cross-team execution
  • Ability to produce concise, high-quality written intelligence, including executive-level summaries
  • Familiarity with security telemetry, logs, and investigative workflows used by detection and response teams
  • Willingness to participate in an on-call rotation and support security incidents during high-severity or off-hours events
Job Responsibility
  • Research, track, and assess the threat landscape by analyzing relevant threat actors, campaigns, and behaviors affecting 1Password’s attack surface, identity systems, brand, third-party ecosystem, and insider risk scenarios
  • Analyze and prioritize information to develop actionable intelligence that informs detection coverage, hunting activities, and response readiness
  • Partner with Detection Engineering to design and validate threat-based detections, including through adversary emulation, simulation, or controlled testing
  • Use automation and scripting to improve how threat intelligence is collected, enriched, distributed, and actioned across Security workflows
  • Curate and deliver threat intelligence reporting for both technical teams and executive stakeholders
  • Build and maintain repeatable threat intelligence processes, workflows, and documentation that scale with the Detection & Response program
  • Participate directly in security operations by triaging alerts, supporting investigations, managing incidents, and contributing to post-incident learning
What we offer
  • Health benefits
  • Dental benefits
  • 401k/RRSP
  • Generous paid time off
  • Equity grant
  • Participation in incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Fulltime

Senior Security Monitoring and Response Analyst

Mastercard powers economies and empowers people in 200+ countries and territorie...
Location
United Kingdom, London
Salary:
Not provided
Mastercard
Expiration Date
November 30, 2026
Requirements
  • Direct experience in a Security Operations Center (SOC)
  • Experience working in an incident response or digital forensics role
  • Demonstrated experience with cybersecurity-related disciplines, including but not limited to: vulnerability research, network traffic analysis, static and dynamic malware analysis, digital forensics, memory analysis, web security and threat hunting
Job Responsibility
  • Providing monitoring coverage, triage and investigation of escalated alerts (T3) from various sources
  • Responding to cybersecurity incidents through critical thinking, defining, and applying playbook responses
  • Applying root cause analysis and lessons learned to improve security posture and processes
  • Working closely with security engineering, threat intelligence, insider threat and a managed SOC service, providing critical feedback to improve and automate monitoring and response
  • Strong collaboration with the team to develop knowledge base, playbook and use cases
  • Proactive initiatives and project-related support by providing subject matter expertise
  • Ability to work independently as well as collaborate with different teams to assess impact, mitigate risk, and resolve security incidents.
  • Fulltime

Senior Security Engineer

The Senior Security Engineer is a hands-on technical expert responsible for desi...
Location
United States, Houston
Salary:
Not provided
Robert Half
Expiration Date
Until further notice
Requirements
  • Strong hands-on experience securing Microsoft enterprise environments, including: Microsoft Entra ID identity governance and administration
  • Privileged Identity Management (PIM) implementation and operations
  • Endpoint and identity protection using Microsoft Defender XDR
  • Endpoint management and hardening with Microsoft Intune
  • Data protection and monitoring using Microsoft Purview including: Data Loss Prevention (DLP), Insider Risk Management / Insider Threat monitoring
  • Deep operational and engineering experience with: CyberArk Privileged Access Manager
  • Experience designing and managing enterprise PKI environments including: Microsoft Active Directory Certificate Services, Certificate lifecycle management platform (Keyfactor, Sectigo, etc.), TLS certificate automation and renewal processes
  • Hands-on engineering experience with enterprise network security platforms: F5 BIG-IP Local Traffic Manager (LTM), F5 Advanced WAF / Web Application Firewall configuration, Load balancing architecture and traffic management, High availability and disaster recovery design for network security platforms, Cisco Secure Access – Web Security
  • Strong foundational knowledge in: Enterprise networking (routing, segmentation, firewalls, load balancing), Windows enterprise environments, Active Directory architecture and security, Authentication protocols and identity infrastructure, VMware ESXi Architecture & operation
  • Strong capability in security operations including: Threat hunting, Incident detection and response, Incident containment and remediation, Root cause analysis and post-incident improvements
Job Responsibility
  • Designing, implementing, and operating security technologies in a mid-size enterprise environment
  • Engineering, maintaining, and continuously improving enterprise security controls across identity, endpoint, network, and application security domains
  • Collaborating closely with infrastructure, networking, and development teams to ensure security controls are seamlessly integrated into enterprise systems and services
  • Strengthening and advancing the organization’s overall security posture
  • Architecting and troubleshooting production-grade deployments
  • Leading investigations and coordinating response actions
What we offer
  • Medical, vision, dental, and life and disability insurance
  • Enrollment in company 401(k) plan

Facility Security Officer (FSO)

Cryptic Vector is looking for an experienced Facility Security Officer (FSO)/Con...
Location
United States, Atlanta
Salary:
Not provided
Cryptic Vector
Expiration Date
Until further notice
Requirements
  • 3+ years’ experience in an AFSO, FSO, or CPSO role
  • Bachelor’s degree or 3 years of directly applicable real-world or military service is required
  • Experience with US Government programs such as the Defense Information System for Security (DISS), Electronic Questionnaires for Investigations Processing (e-QIP), and National Industrial Security System (NISS)
  • Must have a working knowledge of:
    • 32 Code of Federal Regulations Part 117, NISPOM Rule
    • DoD Manuals 5200.01 volumes 1-4, 5105.21 volume 3, 5205.07, and 5205.11
    • DoDI 5200.48 and NIST SP 800-171, Controlled Unclassified Information (CUI)
    • Intelligence Community Directives (ICD) 703, 704, and 705
    • DoD Cybersecurity Maturity Model Certification (CMMC)
  • Excellent verbal and written communication skills
  • Must be proactive, able to perform in a dynamic environment and work independently
Job Responsibility
  • Manage all industrial security program functions, including physical and personnel security, investigations, education, operations security (OPSEC), and communications security (COMSEC) operations
  • Serve as the Contractor Program Security Officer (CPSO) for one or more projects
  • Serve as the primary COMSEC Custodian
  • Coordinate with the Information Systems Security Manager (ISSM) to ensure compliance with Risk Management Framework (RMF) and Controlled Unclassified Information (CUI) directives
  • Ensure compliance with applicable security directives
  • Comply with all corporate policies and procedures
  • Resolve security issues, identify changes to government policy, and update the corporate security program based on government policy changes
  • Conduct and maintain the Insider Threat Program and serve as the Insider Threat Program Senior Official (ITPSO)
  • Conduct self-inspections for all classified programs and report results to senior leadership
  • Provide security input and draft security responses in proposals
What we offer
  • 100% Company-paid medical insurance for employees
  • 100% Company-paid dental and vision insurance
  • Competitive salary and bonus
  • 25% 401k company contribution
  • Generous PTO, parental leave, bereavement leave, and volunteer time
  • Flexible work hours
  • Tuition reimbursement, training allowance, internal mobility opportunities
  • Free beverages and snacks, Donut Fridays, monthly social events
  • Fulltime

Senior Data Loss Prevention (DLP) Analyst

The Senior Data Loss Prevention (DLP) Analyst is a subject matter expert respons...
Location
United States, San Jose
Salary:
152000.00 - 180000.00 USD / Year
Archer Aviation
Expiration Date
Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related fields
  • 3+ years of experience in cybersecurity, with a focus on data loss prevention, insider threat, or data protection
  • Deep technical expertise in DLP solutions (e.g., Microsoft Purview, Cyberhaven, Digital Guardian, Netskope)
  • Experience with data discovery, classification, and protection technologies
  • Strong analytical, investigative, and incident response skills
  • Familiarity with SIEM tools and user behavior analytics (UBA)
  • Excellent written and verbal communication skills; ability to convey technical concepts to non-technical stakeholders
  • Ability to work collaboratively in cross-functional teams and manage multiple priorities
Job Responsibility
  • Design, implement, and maintain enterprise DLP technology solutions across endpoints, servers, cloud, and network environments
  • Act as a subject matter expert for DLP tools (Cyberhaven, Digital Guardian, Case Management)
  • Develop and refine DLP policies and technical architecture diagrams
  • Oversee DLP endpoint agent deployment, configuration, and maintenance
  • Lead data discovery and classification efforts using DLP and information protection tools
  • Collaborate with privacy, engineering, and cybersecurity teams to ensure data is classified and protected
  • Monitor and analyze DLP alerts to detect and respond to potential data loss or exfiltration incidents
  • Investigate and resolve incidents involving the theft or loss of sensitive data
  • Manage insider risk using dedicated tools
  • Tune DLP policies and rules to reduce false positives and enhance detection accuracy
  • Fulltime

CA Staff Pharmacist

Location
United States, Red Bluff
Salary:
65.00 - 81.00 USD / Hour
CVS Health
Expiration Date
August 17, 2026
Requirements
  • Active Pharmacist License in the state where the Store is located
  • Active National Provider Identifier (NPI)
  • Not on the DEA Excluded Parties list
  • Regular and predictable attendance, including nights and weekends
  • Ability to complete required training within designated timeframe
  • Attention and Focus: Ability to concentrate on a task over a period of time
  • Ability to pivot quickly from one task to another to meet patient and business needs
  • Ability to confirm prescription information and label accuracy, ensuring patient safety
  • Customer Service and Team Orientation: Actively look for ways to help people, and do so in a friendly manner
  • Notice and understand patients’ reactions, and respond appropriately
Job Responsibility
  • Living our purpose by helping to manage and improve patient health through safe and appropriate dispensing, counseling, and immunizing practices
  • Taking direction from the Pharmacy Manager and overseeing the pharmacy as their proxy during bench shifts without overlap, including strengthening pharmacy performance measures through effective coaching and consistent follow-up of pharmacy team members and providing feedback about pharmacy team performance to the Pharmacy Manager as needed
  • Assumes Pharmacy Manager’s day-to-day duties when serving as the only or the primary pharmacist-on-duty
  • Supporting safe and accurate prescription fulfillment by following—and directing the pharmacy team to follow—pharmacy workflow procedures and utilizing the safety guardrails at every workstation
  • Contributing to positive patient experiences by showing empathy and genuine care, and coaching the pharmacy team to do the same: demonstrating compassionate care, collaborating with the patient’s total healthcare team, and proactively resolving insurance and/or medication issues
  • Proactively offering and delivering immunizations to keep patients healthy; engaging and supporting Pharmacy Technicians to learn to immunize
  • Supporting the effective management of pharmacy inventory by following—and coaching the pharmacy team to follow—all inventory best practices, with a special focus on protecting cold chain products for our patients and our business
  • Partnering with the Pharmacy Manager to ensure pharmacy operations are compliant with the appropriate state Board of Pharmacy regulations at all times; escalating issues or concerns to the Pharmacy Manager and/or Rx DL for timely resolution if/as needed
What we offer
  • Medical, dental, and vision coverage
  • Paid time off
  • Retirement savings options
  • Wellness programs
  • Bonus, commission or short-term incentive program
  • Fulltime

Pharmacy Technician

We’re building a world of health around every individual — shaping a more connec...
Location
United States, Canton
Salary:
17.00 USD / Hour
CVS Health
Expiration Date
Until further notice
Requirements
  • Must comply with any state board of pharmacy requirements or laws governing the practice of pharmacy, which includes but is not limited to, age, education, and licensure/certification
  • If the state board of pharmacy does not address or mandate a minimum age requirement, must be at least 16 years of age
  • If the state board of pharmacy does not address or mandate a minimum educational requirement, must have a high school diploma or equivalent, or be actively enrolled in high school or high school equivalency program
  • State-level licensure and national certification requirements vary by state
  • Regular and predictable attendance, including nights and weekends
  • Ability to complete required training within designated timeframe
  • Attention and Focus: Ability to concentrate on a task over a period of time
  • Ability to pivot quickly from one task to another to meet patient and business needs
  • Ability to confirm prescription information and label accuracy, ensuring patient safety
  • Customer Service and Team Orientation: Actively look for ways to help people, and do so in a friendly manner
Job Responsibility
  • Living our purpose by following all company SOPs at each workstation to help our Pharmacists manage and improve patient health
  • Following pharmacy workflow procedures at each pharmacy workstation (i.e., production, pick-up, drive-thru, and drop-off) for safe and accurate prescription fulfillment
  • Contributing to positive patient experiences by showing empathy and genuine care: creating heartfelt and personalized moments while serving patients at pick-up, drive-thru, and over the phone; keeping patients healthy by offering immunizations and other services at the register and over the phone; and demonstrating compassionate care by solving or escalating patient problems
  • Completing basic inventory activities, as permitted by law, and as directed by the pharmacy leadership team, such as accurately putting away medication deliveries and completing cycle counts, returns-to-stocks, waiting bin inventories, etc.
  • Contributing to a high-performing team, embracing a growth mindset, and being receptive to feedback; actively seeking opportunities to expand clinical and technical knowledge needed to better assist patients
  • Remaining flexible for both scheduling and business needs, while contributing to a safe, inclusive, and engaging team dynamic; voluntarily traveling to stores in the market to work shifts as needed by the business
What we offer
  • Medical, dental, and vision coverage
  • Paid time off
  • Retirement savings options
  • Wellness programs
  • Fulltime