Job Description

The Principal Cyber Insider Risk Lead is responsible for leading the enterprise insider risk and e-Discovery program, with a strong emphasis on data protection, regulatory compliance, and advanced threat detection. This role leverages Microsoft security technologies and collaborates across Legal, HR, Compliance, and IT to safeguard sensitive data, investigate insider threats, and ensure defensible e-Discovery practices.

This role is hybrid for Charlotte, NC only.

KEY RESPONSIBILITIES

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

Data Protection & Privacy

• Implement and enforce data protection policies and controls to prevent unauthorized access, misuse, or exfiltration of sensitive data.
• Ensure compliance with global data privacy regulations (e.g., GDPR, CCPA, HIPAA).
• Partner with Data Governance and Privacy teams to align insider risk and e-Discovery efforts with enterprise data protection strategy.
• Monitor and report on data handling practices, retention schedules, and access controls.

IRM Triage & Investigations

• Lead triage of IRM alerts leveraging AI to enhance fidelity and automate alert triage.
• Lead investigations into insider-related incidents with discretion and professionalism.
• Coordinate cross-functional response efforts and document findings for executive and legal review.

Risk Assessment & Mitigation

• Conduct risk assessments to identify insider vulnerabilities and recommend mitigation strategies.
• Develop and maintain playbooks and workflows for insider threat, e-Discovery,
• and data protection scenarios.

Training & Awareness

• Promote awareness and training programs around insider risk, data governance, and secure collaboration.
• Provide guidance on secure data handling and retention practices.

Metrics & Reporting

• Define KPIs and produce reports on insider risk trends, e-Discovery metrics, and data protection effectiveness.

EDUCATION AND EXPERIENCE

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelor’s (required) or Master’s (preferred) degree in Cybersecurity, Information Security, Computer Science, or related field.
• 8+ years of experience in cybersecurity, with at least 3 years in insider risk, e-Discovery, and data protection.

CERTIFICATIONS, LICENSES, REGISTRATIONS

• Certifications such as CISSP, CISM, GIAC, CEDS, CIPP, or CDPSE are preferred.

FUNCTIONAL SKILLS

• Hands-on experience with Microsoft Defender, Microsoft Purview, and Microsoft Sentinel.
• Strong understanding of data protection laws, privacy regulations, and digital forensics.
• Experience with e-Discovery platforms and workflows.
• Experience operationalizing AI in IRM, Data Protection, and eDiscovery
• Excellent communication, analytical, and stakeholder management skills.
• Strategic thinker with a proactive approach to risk and compliance.
• Ability to manage sensitive investigations with discretion and professionalism.
• Experience in regulated industries or high-security environments.

Job Tags

Similar Jobs