Director of UEBA/Insider Risk

Director of UEBA/Insider Risk

Requirements

• Experience implementing security controls in SaaS platforms like Workday, O365, Box.com, SalesForce, etc.
• Experience working with User Behavior products (Securonix) and Splunk.
• Hands on experience with Cloud Access Security Brokers, MCAS, AIP and similar tools.
• Experience leveraging protection technology subject matter expertise to design, build, and implement tools to safeguard from cyber risks for data in use, in motion, and at rest.
• 10+ years of hands-on technical experience combined with at least eight years of strong management experience in a similar technical and business environment.
• BA/BS degree in Computer Information Systems, Computer Science or equivalent experience is required.
• Certifications: CISSP (Certified Information Systems Security Certified Professional), SSCP (Systems Security Certified Practitioner), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Management), CCNA, CCNP, MSCE preferred.
• Extensive experience with architecture design of large-scale data platforms, machine learning, analytics, and data-drive applications
• Experience in DLP information protection technology from both a managerial/strategic level and hands on technical design and implementation
• Expert with Data Protection technologies (CASB, proxy, network DLP, endpoint DLP, data discovery, key management, tokenization, encryption, etc.); seen as the ‘go to’ to person for the toughest technical or leadership challenges.
• Experience in building and managing strong technical teams.
• Proven experience attracting, retaining, and growing top engineering talent across geographically distributed teams.

Responsibilities

• Design, build and drive overall strategy, methodology, and roadmap for the processes, systems, tools, and technologies in support of Insider Risk, User Behavior programs and process to secure our Data assets.
• Manage, support, and oversee the implementation and development of the Insider Risk Lifecycle processes, User Behavior Analytics in support of multiple Identity programs and Data loss prevention mechanisms in our environment.
• Lead teams for fast-growing cloud services to provide next-generation data security for Network and enterprise SaaS applications such as Box, Dropbox, GitHub, Google Apps, Slack, Salesforce and many more.
• Using User Behavioral tooling to build Identity analytics of understanding of HOW and WHY access is being used.
• Enhance and integrate Insider Risk Program outcomes that support assurance of Data Security outcomes.
• Provide engineering and operational leadership to our global team.
• Lead the Insider Risk, User Behavior and DLP analysts and engineering teams to design solutions that improve overall security posture.
• Track and report key performance indicators and metrics Identify gaps in controls, processes, systems and recommend solutions.
• Lead team to apply technical skills to recommend, implement, support, improve, and operate information protection technologies.
• Manage the Information Security team comprised of technical team members and managers from varied disciplines.
• Authorize projects, approve project designs and cost estimates. Report projects’ status and critical issues to IT senior management.
• Set objectives and priorities and ensure the effective allocation and use of department resources.
• Develop and administer department budget with input from work group managers.
• Develop long-range plan for the department and is a key participant in strategic planning for the IT Operations function. Translate strategic goals and priorities into technical strategies and objectives for his/her department.
• Introduce best practices and ensure the timeliness and quality of his/her department’s delivery of products and services.
• Coordinate activities and efforts among different internal organizational groups, customers and vendors.
• Prepare and maintain job descriptions for positions that report to him/her.
• Write and conduct performance reviews, provide ongoing performance feedback. Establish salary budget and approve salary increases. Make hiring decisions.
• Frequently interface with executives inside and outside the company to make operational and project-related decisions, to resolve critical issues, to gather industry and competitive information and to foster a productive professional network.
• Required to perform duties outside of normal work hours based on business needs.
• Results and progress toward goals is periodically reviewed by functional executive.

Preferred Qualifications

• Ability to nurture and support a strong operations culture – customer/service focus excellent technology – high quality implementations – self-motivated innovation and problem-solving.
• Has experience building security products and is well versed with the security landscape.
• Demonstrated ability of establishing and maintaining metrics-based process improvement.
• Demonstrated ability to develop strong partnerships with those outside of your immediate organization.
• Successful track record designing, developing and executing critical complex projects in more than one area of functional expertise.
• Ability to establish and maintain effective working relationships at the senior management level across functional groups and business units. Ability to change the thinking of, or gain acceptance from, others in sensitive situations, using influence and preventing damage to the relationship.