Jobeedo
Z5

Information Protection Lead ( Insider Threat / Risk Management Expert)

Z5
Pune6-10 LPA Posted 11 Apr 2025
FULL TIME
Risk Assessment
Cloud Security
Network Security

Job Description

Job description

We are seeking a highly motivated and experienced professional to build and lead our Insider Threat & Risk Management team within the Information Security group. This role is critical in identifying, assessing, and mitigating insider risks to protect our firms critical data, intellectual property, and operational integrity.

The Lead will develop and execute an insider threat program, leveraging behavioral analytics, security tools, and cross-functional collaboration to proactively detect and respond to threats.

What You'll Do:

  • Program Development & Leadership: Design and implement a comprehensive insider threat and risk management program aligned with business and security objectives.
  • Threat Detection & Response: Utilize data analytics, behavioral indicators, and security tools (e.g., UEBA, DLP, SIEM) to monitor and investigate potential insider threats.
  • Risk Assessment & Mitigation: Conduct insider risk assessments, define detection methodologies, and recommend mitigation strategies.
  • Collaboration & Stakeholder Engagement: Work closely with Legal, HR, IT, Security Operations, and Compliance teams to develop policies, response frameworks, and training initiatives.
  • Incident Handling & Investigations: Lead investigations into potential insider threats, ensuring timely response and remediation while adhering to privacy and legal considerations.
  • Security Awareness & Training: Drive awareness programs to educate employees and leaders about insider risks and best practices.
  • Regulatory & Compliance Alignment: Ensure the program aligns with industry standards (e.g., NIST, ISO 27001, SOC2) and regulatory requirements.
  • Continuous Improvement: Regularly assess and refine the program to adapt to evolving threats and business needs.

What You'll Bring:

  • Bachelors degree in information security, Cybersecurity, or related field.
  • 6+ years of experience in information security, with a focus on information protection, DLP and data protection.
  • Strong understanding of information security frameworks, regulations, and standards (e.g., ISO 27001, NIST, GDPR).
  • Familiarity with network security, endpoint protection, and cloud security principles.
  • Ability to balance proactive prevention with reactive incident response.
  • High ethical standards and discretion when handling sensitive information.
  • Demonstrated ability to build and lead teams, with excellent communication and interpersonal skills.
  • Experience with security technologies such as data classification, DLP, encryption, SIEM, and access controls.
  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent.
  • Excellent analytical and problem-solving skills, with the ability to assess risks and recommend effective solutions.
  • Strong communication and interpersonal skills to collaborate with various teams and stakeholders.
  • Proven track record of successfully implementing and managing information protection programs.

Role: Risk Management & Compliance - Other

Industry Type: Analytics / KPO / Research

Department: Risk Management & Compliance

Employment Type: Full Time, Permanent

Role Category: Risk Management & Compliance - Other

Education

UG: Any Graduate

PG: Any Postgraduate

Key Skills

Skills highlighted with '' are preferred keyskills

information security

Threat Detectioncloud securitynetwork securityendpoint protectionSIEMDLPThreat Management

Required Skills

Risk AssessmentCloud SecurityNetwork Security
Join WhatsApp Channel