Insider Threat Manager, Information Security - 163701

May 24, 2022
Austin, United States
Senior
Full time
Office work


What you do at AMD changes everything 
 

At AMD, we push the boundaries of what is possible.  We believe in changing the world for the better by driving innovation in high-performance computing, graphics, and visualization technologies – building blocks for gaming, immersive platforms, and the data center. 
 

Developing great technology takes more than talent: it takes amazing people who understand collaboration, respect, and who will go the “extra mile” to achieve unthinkable results.  It takes people who have the passion and desire to disrupt the status quo, push boundaries, deliver innovation, and change the world.   If you have this type of passion, we invite you to take a look at the opportunities available to come join our team.
 


 

Cyber Operations is the central nervous system for Enterprise Information Security, and is responsible for monitoring, detecting, categorizing, analyzing, and initiating response to security incidents, both from outside as well as from inside the company.

 

THE ROLE

As the Insider Threat Manager you will manage the company-wide strategy for Information Security and lead a team of experts who are tasked with identifying, investigating, and mitigating both unintentional and intentional threats from insiders. You will develop processes for identifying and responding to risk from errors and mistakes; from unwitting insiders who unknowingly facilitate an external threat actor; and yes, from complicit insiders who would willfully harm the company from within.

 

You will approach insider risk from a proactive perspective, identifying risk factors to prevent or mitigate threats before they materialize; as well as from a reactive perspective, investigating information exposures to identify and address their origin. You will have a high degree of freedom (within CSIRT best practices and the AMD incident response model) to investigate novel and complex threats. You will develop conceptual and technical detection methods tailored to the various forms of accidental, unwitting, and intentional risk, and will then collaborate with teams across the enterprise including information security, information technology, HR, Legal, and business units. This role requires a high degree of judgment and discretion to seek out risk while at the same time protecting the subjects of investigation from undue harm.
 

THE PERSON

The ideal candidate will possess an insatiable curiosity to come up with ways inside access can cause harm, whether or not intentional. You understand social engineering and behavioral psychology, and how technology and human behavior come together to put company assets at risk. You are detail-oriented, skeptical but not cynical, able to discern between risky behavior and risky intent. You are an excellent communicator, comfortable in front of technology SMEs and company executives, adept at developing and strengthening partnerships with teams across the enterprise.  More than that, you are a leader, skilled at building a vision and staffing a team to achieve that vision.

 

KEY RESPONSIBILITIES

  • Develop and promote a strategic vision for identifying and addressing insider threat.
  • Assemble a team of expert threat analysts, through hiring and training/development. You will determine the skills and expertise you need to deliver your mission, and find the right people to accomplish that goal.
  • Develop detection methods and investigation processes to identify risky activity, and confirm or refute actual threat. You will lead threat modeling exercises to develop personas around which to build DLP use cases.
  • Work backward from confirmed information exposures, to identify the source and/or the cause; then collaborate with appropriate subject matter experts to recommend preventive/deterrent controls and corrective actions.
  • Incident Commander with experience handling sensitive/need-to-know incidents. You will understand CSIRT best practices and the AMD incident response model, and will adapt both as appropriate to resolve specific incidents. You will coordinate with external teams to get the support needed for incident closure.
  • Collaborate with technical and business experts from partner organizations including IT, Engineering, Finance, Audit/Compliance, HR/Legal, Corporate Investigations, and business units.
  • Collaborate with the Security Awareness team to use insider threat capabilities and appropriately-redacted case studies to educate employees and deter risky behaviors.
  • Act as mentor and lead for other team members.

 

PREFERRED EXPERIENCE

  • Combined minimum of 5 years' work experience in domains within or adjacent to insider risk, such as but not limited to Security and Risk Management, Digital Forensics, Behavioral Psychology, Threat Modeling, Fraud Prevention, and Data Protection; preferably in a large enterprise environment.
  • Proven ability to build and manage a team of subject matter experts.
  • Previous experience as an insider threat investigator, preferably in a leadership capacity.
  • Experience in working with a geographically diverse team in multiple time zones around the globe.
  • Deep understanding of the MITRE ATT&CK matrix, with demonstrated experience building use cases and SOPs around the TTPs most relevant to your business.
  • Expert level understanding of common and emerging security threats and vulnerabilities, and demonstrated ability to relate emerging threats to relevant TTPs and execute unstructured hunts, with or without specific IOCs.
  • Proficient technical writing skills (documenting processes and procedures).
  • Ability to solve problems and work through ambiguity and uncertainty.
  • Strong communication skills and the ability to explain complex threats clearly to audiences of varying backgrounds.
  • Working knowledge of security-related regulation and legislation.
  • Self-motivated and proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry.
  • Industry security certifications such as CISSP, ITPM, and/or relevant GIAC certifications.

 

ACADEMIC CREDENTIALS

  • BS/MS in EE, CS, or similar.
     

LOCATION

Austin, TX


AMD does not accept unsolicited resumes from headhunters, recruitment agencies or fee based recruitment services. AMD and its subsidiaries are equal opportunity employers and will consider all applicants without regard to race, marital status, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. EOE/MFDV


Requisition Number: 163701
Country: United States
State: Texas
City: Austin
Job Function: Information Technology



AMD does not accept unsolicited resumes from headhunters, recruitment agencies or fee based recruitment services. AMD and its subsidiaries are equal opportunity employers. We consider candidates regardless of age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status.
