Job description Posted 10 May 2022

Insider Threat Manager

£400.51 PAYE / £520 Umbrella


6 months Contract

Role Summary:

An Engineer with Insider Trust is a critical partner across multiple tech and business segments, helping bridge the gap between user behaviour analytics and other data sources within the company which can be used as strategic indicators or potential for disruptive/malicious behaviour. This position will build, mature and sustain a program which does not lose sight of company culture and employee experience, but instead builds on the trust between the company and its employees through protecting brand, reputation and corporate proprietary secrets as a competitive advantage in the market. This mission and role help ensure corporate commitment to helping our customer and ensuring maximum value to our shareholders. An Engineer with the Insider Trust Program will work with Human Resources, Privacy, Legal, Corporate Security and other partners to ensure the program works in an effective manner while avoiding impact to policy and regulatory requirements. Through this process this role will be a key part of the overall Cyber Security plan to sustain and improve the corporate security posture for our data and networks. This strategy and program will help ensure a proper level of Cyber Security protection to deal with the constant change of the threat landscape and the ongoing targeting / monetization of data theft related to intellectual property and patient information. 

If you feel as though you fit the criteria below, please do not hesitate to apply!

Key Responsibilities:

Overall Role Responsibilities:

·      Providing leadership updates related to threat landscape, progress with maturing the Insider Trust program and strategic needs for path forward

·      Provide direct technical recommendations for the program to include building process and governance around how the team operates across business segments to include HR, Privacy, Corporate Investigations and Legal

·      Working with peers across the company and industry peers to understand technology and other data sources which play a role in building user behaviour analytics within the IT and OT (Operational Technology) environments

·      Providing strategic program management and value add updates related to how the program is maturing to include strategic prioritization of monitoring and alerting

·      Working with strategic vendor partners across the business to ensure visibility to data sets and vendor access/usage of GSK corporate network resources

·      Working with GSK M&A teams to help build onboarding program for employees and technology stacks, minimizing timeline to increasing security access and overall strength of security posture with new acquisitions

·      Work to build employee and corporate communications plans related to program

·      Investigate security incidents using data analytics, computer forensics, and automation in production and corporate environments

·      Analyse the latest insider threat techniques and apply solutions to detect them holistically

Key Experience / Skills:

Experience and skills that are required for this role are as follows:

·      DLP tool knowledge & experience – Forcepoint DLP, Microsoft DLP, Proofpoint Information Protection

·      Experience dealing with DLP alerts, managing events, and escalating to SOC, Incident Response etc

·      DLP Analyst knowledge & experience

·      Experience in DLP rule building and tuning

·      Experience in DLP lifecycle management