Insider Threat Senior Consultant

Deloitte's Cyber and Strategic Risk practice - our people, ideas, technology and outcomes-is designed for impact. Serving commercial and federal clients across multiple industries, our team of more than 15,000 professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.

• Assist in the development of Insider Threat programs from the ground up, including the development of governance structures, operational models, and processes that build on client's existing capabilities
• Implement industry standards and best practices regarding insider threat programs, including development and maintenance of programmatic gap analyses and implementation roadmaps
• Assist in the creation of a gap analyses on current tools used for the Insider Threat program and make recommendations on industry best practices
• Develop and maintain a convergence model for insider threat mitigation that reduces risk to client's personnel and assets, both overall and within the client's regional operating divisions
• Develop and improve insider threat modeling that leverages User and Entity Behavior Analytics (UEBA) and automated solutions in place, as well as non-traditional insights
• Develop and expand situational playbooks that document and inform client's operational capabilities and processes
• Leverage industry-leading interpersonal skills to coordinate with client's business and technology leaders to develop and maintain programmatic solutions to insider threats
• Lead and assist in the investigation of all incidents involving insider threats

• 3-5 years of experience focused on Insider Threat programs
• Bachelor's degree in a related field
• Familiarity with security program governance and security operations concepts
• Experience thriving in a heavily regulated environment
• Ability to collaborate with colleagues and clients on technical and programmatic topics
• Proficient with Microsoft Office Suite (PowerPoint, Word, Excel)
• Strong written and speaking communications skills
• Strong analytical, business, and technical acumen
• Competent project management skills including:
  • Contributing to project plan development
  • Planning and executing projects
  • Building client and stakeholder consensus
  • Identification and problem solving towards risks and roadblocks
  • Ability to review and improve work products
  • Leading the development of presentations and deliverables
• Ability to travel up to 20%, on average, based on the work you do and the clients and industries/sectors you serve
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

• Executive-level client management including presentations and dashboard development
• Knowledge of global events and cybersecurity threats (e.g., ransomware, deepfakes, social engineering, OSINT)
• Work experience involving insider threat investigations, counterintelligence, law enforcement, technical investigations, intellectual property investigations, and/or financial fraud investigations
• Cross-industry, enterprise, or global experience
• Familiarity anti-fraud, anti-money laundering, or internal auditing functions
• Familiar with user visibility, data management, and data loss prevention tools such as Symantec, Zscaler, Defender for Cloud Applications, Forcepoint, Proofpoint, Cofense
• Familiarity with cybersecurity activity monitoring tools such as Splunk, QRadar, Chronicle, Sentinel
• Familiarity and/or certification in digital forensics (cloud, endpoint, mobile)
• Familiarity with User and Entity Behavior Analytics (UEBA) tools, such as Exabeam and Securonix
• Experience with Security Program Governance, Security Operations (Detection & Response)