1

Insider Risk Jobs in Illinois (NOW HIRING)

Senior Cloud Engineer

Chicago, IL · On-site +1

$70K - $144K/yr

Secure M365 workloads with a strong focus on tenant hardening, conditional access, DLP, and insider risk policies Your Skills And Experience Required Qualifications : * US Citizenship or Green Card ...

next page

Showing results 1-20

Insider Risk information

What are the key skills and qualifications needed to thrive as an Insider Risk Analyst, and why are they important?

To thrive as an Insider Risk Analyst, you need a solid background in information security, risk assessment, and data analysis, often supported by a degree in cybersecurity or a related field. Familiarity with security information and event management (SIEM) tools, user behavior analytics, and certifications such as CISSP or CISA are commonly required. Strong analytical thinking, discretion, and communication skills are crucial for identifying threats and collaborating with cross-functional teams. These skills ensure prompt detection and mitigation of internal security threats, protecting organizational assets and data integrity.

What is an Insider Risk professional?

An Insider Risk professional is responsible for identifying, assessing, and mitigating threats posed by individuals within an organization, such as employees, contractors, or business partners. These threats can include data theft, fraud, sabotage, or unintentional errors that could harm the company. Insider Risk professionals develop policies, monitor user behavior, and implement security controls to protect sensitive information and assets. Their goal is to balance organizational security with privacy and productivity.

What is the difference between Insider Risk vs Insider Threat Analyst?

AspectInsider RiskInsider Threat Analyst
Primary FocusIdentifying and managing potential risks posed by insiders to prevent security breachesDetecting, analyzing, and responding to insider threats and security incidents
Required CredentialsSecurity certifications (CISSP, CISA), risk management experienceCybersecurity certifications (CEH, GIAC), threat analysis experience
Work EnvironmentRisk management teams, security departments, corporate settingsSecurity operations centers, incident response teams, cybersecurity units

Insider Risk professionals focus on proactively identifying and mitigating potential insider-related threats, emphasizing risk management strategies. In contrast, Insider Threat Analysts are more involved in detecting and responding to actual threats and security incidents. Both roles require cybersecurity knowledge and certifications but differ in their primary responsibilities within security teams.

What are some common challenges faced by professionals in Insider Risk roles, and how can they be addressed?

Professionals in Insider Risk roles often face challenges such as balancing employee privacy with security needs, detecting subtle behavioral indicators of risk, and fostering a culture of trust while enforcing policies. Addressing these challenges requires strong communication skills, collaboration with HR and IT departments, and the utilization of advanced monitoring tools that respect privacy regulations. Additionally, ongoing training and clear protocols help teams respond effectively while maintaining organizational transparency.

Managing Director - Insider Threat Program

Koitecc Solutions

Chicago, IL • On-site

$225 - $300/hr

Other

Medical, Life, Retirement

Posted yesterday

New


Job description

Enterprise Insider Threat Program Leadership

Leads the Bank's enterprise insider threat program, defining strategy, governance, and operating model to proactively identify, assess, mitigate, and prevent insider-driven risk. Establishes a risk-based approach to insider threat, strengthening the Bank's ability to anticipate emerging threats, close control gaps, and enhance operational resilience. Maintains a forward-looking view of emerging insider risks, including employee-enabled fraud, credential misuse, data exfiltration, collusion, third-party insider risk, and cyber-enabled activity.

Strategy & Operating Model
  • Defines and leads the enterprise insider threat strategy and long-term roadmap.
  • Builds a consistent global framework aligned to regulatory, legal, privacy and labor requirements; regulatory first design.
  • Establishes governance structures, escalation protocols, and decision‑making forums.
  • Matures capabilities from reactive investigations to proactive, intelligence‑led prevention.
Cross‑Functional Leadership & Integration
  • Partners across Cybersecurity, Fraud, Financial Crimes, Corporate Security, Operations; Legal, Global Investigations, Risk, Privacy, Human Resources.
  • Integrates insider threat capabilities across systems, platforms, and control environments.
  • Establishes clear routines for collaboration, escalation, and coordinated response.
  • Promotes a culture of proactive risk identification and responsible escalation.
Data, Analytics & Intelligence
  • Develops and optimizes insider threat analytics (e.g., user and entity behavior analytics), tools, and capabilities to support scalable, intelligence‑driven risk detection.
  • Builds a consolidated insider threat intelligence capability integrating cyber, fraud, financial crime, HR, and investigative signals (data fusion).
  • Delivers executive‑level reporting and insights on insider threat posture, emerging risks, significant cases, control effectiveness, and remediation progress.
  • Leverages data, analytics, and risk indicators to inform strategy, prioritization, and investment decisions.
Detection, Investigation & Response
  • Owns the end‑to‑end insider threat control framework, including prevention rules, risk‑based detection models, behavioral analytics, investigative protocols, case management standards, and escalation processes.
  • Embeds privacy‑by‑design and ethical monitoring practices, ensuring transparency, proportionality, and protection of employee dignity.
  • Develops and enhances intelligence‑led detection capabilities and response frameworks to enable proactive risk identification and mitigation.
  • Partners with Global Investigations to ensure consistent triage, investigation, escalation, and resolution of insider threat across the enterprise.
  • Defines standards for response actions ensuring timeliness, proportionality, governance, and defensibility.
  • Participates in complex, high‑risk investigations involving employees, contractors, third parties, cyber events, fraud activity, and control breaches, as required partnering with the Global Investigations team.
Governance, Risk & Regulatory Oversight
  • Identifies systemic control gaps and drives remediation across identity and access management, privileged access, data protection, fraud controls, vendor access, and critical operations.
  • Oversees adherence to the Bank's Risk Appetite Framework, ensuring insider threat risks are managed within defined tolerances.
  • Defines and manages key risk indicators and key performance indicators for insider threat risk appetite.
  • Supports regulatory exams, audits, and governance reviews, ensuring readiness and effective response across cyber risk, fraud, conduct risk, and operational resilience.
Leadership & Culture
  • Promotes and supports the Bank's risk culture, ensuring employees understand accountability for risk‑taking activities and fostering an environment of open communication and effective challenge.
  • Complies with the Bank's Risk Appetite framework and ensures risk‑taking activities remain within agreed limits.
  • Models driving simplicity and productivity enhancements for optimization across groups, driving continuous improvement on key measures.
  • Activates a winning culture, aligned with Purpose, igniting engagement by aligning culture to strategy and fueling exceptional execution.
  • Fosters an inclusive environment for all employees by eliminating barriers to inclusion.
  • Develops leaders, plans for succession, and fosters a high‑performance culture.
  • Drives top talent acquisition and retention, developing organizational capabilities to drive competitive advantage.
  • Leads and mentors a team with diverse risk and business experience, skills, and orientation.
  • Leads, promotes, and reinforces the Bank's Ambition; role model One Bank leadership; drives sustainable improvements in customer loyalty and business growth; adheres and supports enterprise customer experience and brand standards.
Qualifications
  • 10+ years in a global systemically important bank, large financial institution, intelligence agency, law enforcement, military, or critical infrastructure environment.
  • Experience in leading enterprise‑side or global risk or security programs.
  • Proven track record building or transforming insider threat, cyber, fraud, or security capabilities.
  • Deep experience managing complex investigations involving employees, contractors, third parties, cyber incidents, fraud activity, or data misuse.
  • Strong knowledge in one or more areas: insider threat, cybersecurity, fraud, financial crime, investigations, operational risk, or enterprise security.
  • Understanding of banking operations, conduct risk, and financial crime typologies.
  • Knowledge of regulatory expectations related to cyber, fraud, and operational resilience.
  • Working knowledge of analytics, detection models, and insider threat tools.
  • Ability to lead global distributed teams and build multidisciplinary capabilities.
  • Strong leadership presence with the ability to influence senior stakeholders.
  • High judgment and discretion in handling sensitive matters.
  • Ability to translate complete risk signals into clear, actionable insights.
  • Preferred professional certifications such as CISSP, CISM, CFE, CAMS, CPP, GIAC, CISA, CRISC, or relevant investigations/intelligence credentials.
  • Background in law enforcement, intelligence, or national security organizations; established external network across industry, law enforcement, and intelligence communities.
Salary & Compensation

Position is targeted at a base range between $225,000 USD and $300,000 USD. Pay type: salaried. Total compensation may include performance‑based incentives, discretionary bonuses, and other perks. BMO also offers health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans.

Equal Employment Opportunity

BMO is proud to be an equal employment opportunity employer. We evaluate applicants without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, gender expression, transgender status, age, status as a protected veteran, or any other legally protected characteristics. We also consider applicants with criminal histories, consistent with applicable federal, state, and local law.

BMO is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e‑mail to BMOCareers.Support@bmo.com and let us know the nature of your request and your contact information.

#J-18808-Ljbffr