-
Summary
Insider Threat Program Lead
Location: Washington, DC The Insider Threat Lead will design, mature, and oversee insider threat detection, analysis, and investigative support capabilities for a federal enterprise environment. The Lead will integrate user activity monitoring, behavioral analytics, threat intelligence, and investigative workflows to identify and mitigate malicious, negligent, or compromised insider activity.
The ideal candidate possesses experience supporting insider threat programs within federal, intelligence community, law enforcement, or highly regulated environments.
*Contingent upon award Key Responsibilities
• Lead insider threat operations, analytics, and investigative support activities.
• Develop insider threat detection methodologies and behavioral analytics use cases.
• Coordinate with SOC, CTI, HR, legal, counterintelligence, and security stakeholders.
• Develop insider threat monitoring strategies leveraging: o UEBA, o SIEM, o EDR, o DLP, o and identity telemetry.
• Lead investigations involving: o data exfiltration, o privilege misuse, o anomalous behavior, o credential abuse, o and policy violations.
• Develop insider threat reporting, escalation, and case management procedures.
• Conduct threat assessments and risk-based prioritization.
• Support development of insider threat dashboards, metrics, and executive briefings.
• Assist with policy development, governance, and workforce awareness initiatives.
• Participate in oral presentations and technical solution development. Required Qualifications
• 10+ years of cybersecurity, counterintelligence, investigations, or insider threat experience.
• 5+ years supporting insider threat or behavioral analytics programs.
• Experience supporting federal agencies or classified environments.
• Experience with: o UEBA platforms, o SIEM analytics, o DLP, o identity analytics, o and investigative workflows.
• Knowledge of: o NIST insider threat guidance, o behavioral analytics, o digital forensics, o and investigative methodologies.
• Strong briefing and stakeholder coordination skills. Preferred Certifications
• CISSP
• CISM
• GCFE
• GCFA
• CIPP
• Insider Threat Program Manager certifications
• Behavioral analytics or fraud investigation certifications -
Job Description
Insider Threat Program Lead
Location: Washington, DC The Insider Threat Lead will design, mature, and oversee insider threat detection, analysis, and investigative support capabilities for a federal enterprise environment. The Lead will integrate user activity monitoring, behavioral analytics, threat intelligence, and investigative workflows to identify and mitigate malicious, negligent, or compromised insider activity.
The ideal candidate possesses experience supporting insider threat programs within federal, intelligence community, law enforcement, or highly regulated environments.
*Contingent upon award Key Responsibilities
• Lead insider threat operations, analytics, and investigative support activities.
• Develop insider threat detection methodologies and behavioral analytics use cases.
• Coordinate with SOC, CTI, HR, legal, counterintelligence, and security stakeholders.
• Develop insider threat monitoring strategies leveraging: o UEBA, o SIEM, o EDR, o DLP, o and identity telemetry.
• Lead investigations involving: o data exfiltration, o privilege misuse, o anomalous behavior, o credential abuse, o and policy violations.
• Develop insider threat reporting, escalation, and case management procedures.
• Conduct threat assessments and risk-based prioritization.
• Support development of insider threat dashboards, metrics, and executive briefings.
• Assist with policy development, governance, and workforce awareness initiatives.
• Participate in oral presentations and technical solution development. Required Qualifications
• 10+ years of cybersecurity, counterintelligence, investigations, or insider threat experience.
• 5+ years supporting insider threat or behavioral analytics programs.
• Experience supporting federal agencies or classified environments.
• Experience with: o UEBA platforms, o SIEM analytics, o DLP, o identity analytics, o and investigative workflows.
• Knowledge of: o NIST insider threat guidance, o behavioral analytics, o digital forensics, o and investigative methodologies.
• Strong briefing and stakeholder coordination skills. Preferred Certifications
• CISSP
• CISM
• GCFE
• GCFA
• CIPP
• Insider Threat Program Manager certifications
• Behavioral analytics or fraud investigation certifications -
ABOUT THE COMPANY
-
-
Government Careers
Show moreGovernment jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.
Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.
Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.
-