Insider Risk Program Manager- Office of the Chief Operating Officer

Minimum Education

Bachelor's Degree or Equivalent Experience

Minimum Experience

6

Summary

Under the general direction of the managing Officer, the Insider Risk Program Manager serves as the operational leader
for the development and implementation of the Insider Risk Management (IRM) Program for the Board. The IRM PM
serves as the primary representative to executive leadership, stakeholders, the hub, and potentially the broader Board
workforce. The position is responsible for developing, implementing, and managing the Federal Reserve System’s (FRS)
insider risk and threat programs. The Program Manager will integrate user activity monitoring, behavioral analytics, threat
intelligence, and investigative workflows to identify and mitigate malicious, negligent, or compromised insider activity. The
incumbent leads cross-functional efforts to detect, deter, assess, monitor, and mitigate risks posed by trusted insiders and
ensures alignment with organizational objectives, legal and privacy requirements, and business continuity priorities while
fostering a culture of security awareness and ethical conduct. The incumbent will lead day-to-day operations, including
triaging alerts, identifying relevant intelligence, conducting link analysis and inquiries, and presenting findings to invest ed
stakeholders. This position is also responsible for developing key risk indicators and metrics to report program
effectiveness.

Duties and Responsibilities

• Analyzes and evaluates a high volume of classified and sensitive information, threat intelligence, behavior
  analytics, and law enforcement information and helps to determine the significance in terms of the protection of
  the Federal Reverse System (FRS) personnel, infrastructure, information, and other critical assets.
• Develops and conducts oral briefs/presentations to the IRM Executive Steering Committee on the development
  and implementation of the program as well as identified insider risk events.
• Uses and leverages data-mining technology across a range of intelligence, law enforcement, insider threat, and
  other classified and unclassified data, information, and product sources to identify malicious or negligent actors
  that may pose a risk to the system or be of interest to the FRS.
• Develops the framework, policy, and standard operating procedures for insider risk detection, response, and
  escalation.
• Provides ongoing liaison coordination with the hub, Executive Steering Committee, the Reserve Bank’s IRM
  program, working groups, and committees regarding insider threats and risk in support of FRS interest.
• Integrate the Board’s IRM program with the Reserve Bank’s IRM program to ensure congruence and alignments
  without overlapping or conflicting processes and workstreams.
• Implement process and policy in accordance with the approved strategic vision of the ESC and IRM Program.
• Develops and implements insider risk training for all Board personnel and identifies role specific training for
  members of the insider risk hub.
• Maintains situational awareness across the full spectrum of threats to the FRS, i.e., leadership, staff , processes,
  and insider threat/risk to the FRS.
• Leads efforts on data analysis of multiple sources to identify, assess, analyze, inform and report on suspected
  insider threats.

About the Insider Risk Program

 

The purpose of the work is to provide a high-specialized level of support for the insider risk management needs of the Federal Reserve System. Sound judgement, initiative, and the ability to work with occasional guidance are required to identify and act on information of significance to the Federal Reserve. The programs, policies, plans, activities, and resources devoted to ensuring financial stability and public confidence in the monetary system, and the supporting enterprise that provides integrity, confidentiality, and availability to the data at the System level that the Board is dependent upon. The work of the program reduces organizational liability by proactively identifying, detecting, and mitigating both malicious and negligent actors from engaging in risky behaviors. Prevention of insider risk events reduces reputation risk, prevents data loss and disruption of operations, and helps avoid significant costs associated with recovery efforts and liability following a security breach.

 

Required Skills/Experience/Knowledge

 

• Knowledge of insider risk/threat methodologies, frameworks, and best practices.
• Knowledge of intelligence analysis, risk management concepts, privacy, civil liberties, and regulatory considerations, as it relates to monitoring and insider threat inquiries.
• Knowledge of cybersecurity analysis, insider risk detection strategies, counterintelligence, law enforcement, and insider risk and threat policy and governance.
• Familiarity with insider risk technologies, SIEM platforms, DLP tools, UEBA solutions, and insider risk case management systems.
• Experience developing or managing an enterprise insider threat/risk program.
• Ability to manage multiple priorities and adapt to evolving threats and operational demands.
• Ability to synthesize intelligence and operational and behavioral data into actional insights.
• Ability to handle sensitive and classified information with discretion and professionalism.
• Ability to work collaboratively in a multidisciplinary environment.
• Excellent interpersonal, verbal, and written communication skills, including executive briefing experience.
• Must have strong analytical and investigative skills with the ability to assess complex risk scenarios.
• Must have understanding of the financial sector and critical infrastructure protection best practices.
• Must have excellent writing and analysis skills of disparate sources.
• Must have project management experience.

 

Notes

 

• TS/SCI clearance is not required to apply but must be able to obtain and maintain a TS/SCI clearance for the position.

• This position requires an on-site presence in Washington, DC.
• US citizenship is required for this position.
• A writing assessment will be administered during the interview process.
• The expected salary range for this role is $140,500 - $190,900. Final offers are determined by experience and education, as well as internal and external factors.