Senior Manager, Insider Threat Investigations

When you join Verizon

You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

 What you'll be doing:

Verizon is looking for an innovative and driven leader with experience leading an insider threat security operations team. This role is responsible for managing a 24x7x365 geographically dispersed team who detects, analyzes, and responds to suspicious activities and potential insider threats. In this role, you will be responsible for maturing and enhancing our existing insider threat defense capabilities by collaborating on efforts to design and implement improved processes and technologies within Verizon's unique security landscape. You will work closely with key cross-functional stakeholders to develop a program tailored to utilizing proactive and mitigating measures to detect and respond to potential threats to Verizon’s infrastructure, employees, and intellectual property.  

This role is a part of Verizon Cyber Defense’s Insider Threat Operations (ITO) team under the Chief Information Security Office (CISO). The mission of the ITO team is to protect Verizon by preventing, detecting, and investigating all insider threats by malicious or negligent employees, contractors and vendors with minimal disruption to the line of business.

Primary Job Duties and Responsibilities:

• Overseeing day-to-day operations for insider threat investigations, ensuring the case management and alert development life cycles are followed or adjusted when necessary. 

• Ensuring continuous enterprise-wide insider threat monitoring is conducted within the designated detection and response times. 

• Responsible for accurate and complete investigations and ensuring tasks like lessons learned, root cause analysis, and risk assessments related to insider threat gaps or risks are mitigated.   

• Reviewing and providing feedback to analysts about case work and escalations.

• Establishing enterprise-level KPIs to ensure effectiveness, efficiency, and overall customer satisfaction. This includes defining key metrics and trends in the day-to-day operations and implementing changes to support the reduction of time to detect, respond, and remediate key technical security risks.

• Assisting with the development and implementation of global insider threat use cases surrounding data exfiltration, internal fraud, privilege escalations, as well as IT sabotage for desktops, laptops, servers, mobile, virtual and multi-cloud environments.

• Researching industry trends and best practices in order to ensure alerting and case management processes are evolving with the cybersecurity field. 

• Coordinating and leading meetings with relevant stakeholders, business partners, and vendors when necessary.

• Collaborating on efforts to implement mitigating controls to support the growth and maturity of ITO’s enhanced monitoring capabilities of critical data and high valued assets. 

• Supporting internal and external audit reviews. This includes producing and presenting artifacts and executive summaries to support the overall team’s mission. 

• Producing executive-level operational read-outs, metrics, and case reviews that accurately capture the effectiveness of ITO’s Data Security & Prevention team. This includes leveraging internal data, threat trends, and operational metrics to clearly communicate the Verizon landscape to senior executives.

• Executing long-term and short-term strategies goals and ensuring proper updates are socialized to appropriate stakeholders. 

• Developing and setting clear goals and team expectations to successfully achieve organizational objectives. This includes defining key metrics and trends in the day-to-day operations and implementing changes to support the reduction of time to detect, respond, and remediate key technical security risks.

• Conducting team performance management activities like conducting reviews, check-ins and disciplinary action, as needed.

• Motivating, mentoring, and advising analysts on how to build and maintain skills and techniques needed to produce quality and consistency analysis. This includes hosting focused training sessions to teach new and specialized skill sets.

• Promoting an environment of collaboration and individual accountability when it comes to problem-solving, decision-making, and process improvements. 

What we're looking for:

You'll need to have:

• Bachelor’s Degree and six or more years of relevant work experience.

• Six or more years of relevant experience required, demonstrated through one or a combination of job-related work experience, military experience, or specialized training or education (non-collegiate).

• Experience with managing employees through change, autonomy and empowerment.

• Previous experience managing projects or teams to develop, execute and complete assignments.

• Previous experience leading security operations, insider threat analysis and/or mitigation programs. 

• Experience writing and presenting high and low level security reports and briefings for insider threat investigations. 

• Experience with implementation of cybersecurity, network defense, and investigative frameworks (such as NIST CSF, ISO 27000 series, MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, etc.) into network defense processes.

Even better if you have one or more of the following:

• Previous experience managing a 24x7x365 geographically dispersed team that focuses on insider threats. 

• Knowledge of SOC or similar environment methodology, including threat monitoring, intrusion detection, analysis, threat determination, incident handling and remediation tracking.

• Experience defending against insider threats by leveraging tools like UEBA, DLP and OSINT.

• Experience interpreting data from network security tools and infrastructure technologies such as SIEM, firewall, proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.

• Knowledge of the cyber threat landscape, including types of adversaries, campaigns, and the motivations that drive them.

• Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.

• Experience integrating subject profiling and criminal examination best practices into investigative procedures to supplement technical evidence.

• Understanding of system development life cycle (waterfall & agile) experience.

• Certifications like: CERT's ITPM, Network+, Security+, CISSP, CISM, CFE, CISA, CPCI, CCP, and/or Six Sigma Greenbelt or Lean certification.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.

Scheduled Weekly Hours

Equal Employment Opportunity 

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.

Benefits and Compensation

Our benefits are designed to help you move forward in your career, and in areas of your life outside of Verizon. From health and wellness benefit options including: medical, dental, vision, short and long term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance. We also offer a matched 401(k) savings plan, stock incentive programs, up to 8 company paid holidays per year and up to 6 personal days per year, parental leave, adoption assistance and tuition assistance, plus other incentives, we’ve got you covered with our award-winning total rewards package. Depending on the role, employees have the opportunity to receive compensation in the form of premium pay such as overtime, shift differential, holiday pay, allowances, etc. Newly hired employees receive up to 15 days of vacation per year, which grows with additional service. For part-timers, your coverage will vary as you may be eligible for some of these benefits depending on your individual circumstances.