Miami, FL, 33126, USA
86 days ago
Insider Threat Director
**Job Description** The Director of Insider Risk Management is responsible for developing, implementing, and overseeing a comprehensive insider risk management program across our global environment. This role involves identifying, assessing, and mitigating risks posed by insiders, including employees, contractors, and business partners, to protect the organization’s assets, intellectual property, and reputation. **Essential Functions:** + Develop and implement a global insider risk management program that aligns with the organization’s strategic goals and risk appetite by establishing policies, procedures, and controls to detect, prevent, and respond to insider threats. + Conduct regular risk assessments to identify potential insider threats and vulnerabilities. Develop and implement risk mitigation strategies and action plans to address identified risks. + Collaborate with Security Operations to implement and oversee monitoring systems and tools to detect suspicious activities and behaviors. + Lead investigations into suspected insider incidents, coordinating with relevant departments and external agencies as necessary. Develop and maintain an incident response plan for insider threats, ensuring timely and effective response to incidents. + Work with other security teams to design training programs to educate employees and stakeholders about insider risks and best practices for mitigating them + Collaborate with HR, Legal, IT, and other departments to ensure a holistic approach to insider risk management. Serve as the primary point of contact for insider risk management, providing regular updates and reports to senior leadership. + Ensure the insider risk management program complies with relevant laws, regulations, and industry standards. + Develop key performance indicators (KPIs) and metrics to measure the effectiveness of the insider risk management program. Prepare and present regular reports to senior leadership, highlighting trends, incidents, and program improvements **Qualifications:** + Minimum Education: Bachelor’s Degree/Master’s Degree a plus + Discipline/Major: Bachelor’s degree in security management, Information Security, Risk Management, or a related field. A master’s degree or relevant certifications (e.g., CISSP, CISM) are preferred + Required Certifications: Desired to have one of or more of the following certificates: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) + Required Years and Area of Professional Experience: Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership role focused on insider threat management + Critical Professional Related Technical/Computer Skills: Experience with security information and event management (SIEM) tools, user behavior analytics (UBA), and other relevant technologies + Other Requirements: Team management and stakeholder management. Skilled at mentoring and motivating staff, communicating goals and other corporate initiatives, and driving to results + Preferred Education: Master’s degree in degrees relevant to IT + Preferred Experience & Type: At least 10 years of experience in risk management, security, or a related field, with a focus on insider threats. - Proven track record of developing and managing insider risk programs at a global scale + Knowledge, Skills & Abilities: Strong understanding of insider threat frameworks, methodologies, and best practices. - Excellent analytical and problem-solving skills, with the ability to assess complex situations and develop effective solutions. - Exceptional communication and interpersonal skills, with the ability to influence and collaborate with stakeholders at all levels. - Strong leadership and project management skills, with experience leading cross-functional teams **Decision-Making:** + Strategic: Decisions affect the long-term direction and policy of the entire company. These decisions affect the short-term and long-term performance of GCS. Strategic decisions are high-risk because their outcomes are largely unknown and have a huge impact. These types of decisions are usually made at the top level of a company. Examples are new services, acquisitions. + Tactical: Decisions focus on intermediate-term issues. The purpose of decisions made at this level are to assist and guide brands on their duties around Infrastructure, application, and data security + Operational: Decisions focus on day-to-day activities within the company. Decisions made at this level help to ensure that daily activities proceed smoothly and therefore help to move the company toward reaching a strategic goal. They have short term consequences. Examples are Handling employee conflicts, purchasing materials needed for operations Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time. Travel: Less than 25% with non-shipboard travel likely. Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential. Offers to the selected candidates will be made on a fair and equitable basis, taking into account specific job-related skills and experience. At Carnival, your total rewards package is much more than your base salary. All non-sales roles participate in an annual cash bonus program, while sales roles have an incentive plan. Director and above roles may also be eligible to participate in Carnival’s discretionary equity incentive plan. Plus, Carnival provides comprehensive and innovative benefits to meet your needs, including: + Health Benefits: + Cost-effective medical, dental and vision plans + Employee Assistance Program and other mental health resources + Additional programs include company paid term life insurance and disability coverage + Financial Benefits: + 401(k) plan that includes a company match + Employee Stock Purchase plan + Paid Time Off + Holidays – All full-time and part-time with benefits employees receive days off for 7 company-wide holidays, plus an additional floating holiday to be taken at the employee’s discretion. + Vacation Time – All full-time employees at the manager and below level start with 14 days/year; director and above level start with 19 days/year. Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 84 hours/year. All employees gain additional vacation time with further tenure. + Sick Time – All full-time employees receive 80 hours of sick time each year. Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 60 hours each year. + Other Benefits + Complementary stand-by cruises, employee discounts on confirmed cruises, plus special rates for family and friends + Personal and professional learning and development resources including tuition reimbursement + On-site preschool program, wellness center, and health clinic at our Miami campus \#LI-SH1 \#LI-Hybrid **About Us** In addition to other duties/functions, this position requires full commitment and support for promoting ethical and compliant culture. More specifically, this position requires integrity, honesty, and respectful treatment of others, as well as a willingness to speak up when they see misconduct or have concerns. Carnival Corporation & plc is a global cruise company and one of the largest vacation companies in the world. Our portfolio of leading cruise brands includes Carnival Cruise Line, Holland America Line, Princess Cruises and Seabourn in North America; P&O Cruises, and Cunard Line in the United Kingdom; AIDA in Germany; Costa Cruises in Southern Europe; and P&O Cruises in Australia. Our employees have a responsibility to be accountable for all actions. We consider the environment in all aspects of our business and have a responsibility to put safety andsustainability first. We live and share a positive attitude which is based on fostering an environment of inclusion, trust, a willingness to listen, openness and integrity. Carnival Corporation & plc and Carnival Cruise Line is an equal employment opportunity/affirmative action employer. In this regard, it does not discriminate against any qualified individual on the basis of sex, race, color, national origin, religion, sexual orientation, age, marital status, mental, physical or sensory disability or any other classification protected by applicable local, state, federal and/or international law. Benefits as a member of Carnival's Team: + A comprehensive benefit program which includes medical, dental and vision plans + Additional programs include company paid term life insurance and disability coverage and a 401(k) plan that includes a company match + Employee Stock Purchase plan + Paid vacation and sick time + Cruise benefits + An on-site fully accredited preschool educational program located at our Doral campus + An on-site Wellness Center and Health clinic at our Doral campus To view a copy of Carnival's FMLA, EEO and EPPA posters please visit: (click or copy and paste link into your browser). https://www.dol. gov/sites/dolgov/files/WHD/legacy/ files/fmlaen.pdf https://www.dol. gov/ofccp/regs/compliance/posters /pdf/eeopost.pdf https://www.dol. gov/sites/dolgov/files/WHD/legacy/ files/eppac.pdf https: //www.dol. gov/ofccp/regs/compliance/posters /pdf/OFCCP_EEO_Supplement_Fi nal_JRF_QA_508c.pdf
Confirm your E-mail: Send Email