Cybersecurity Risk Management Expert/Program Manager (Hybrid)

Overview

• Tier One Technologies is looking for a Cybersecurity Risk Management Expert/Program Manager to support our direct US Government client.
• This hybrid contract-to-hire position can be located in Falls Church, VA, Morrisville, NC or Eagan, MN.
• SELECTED CANDIDATES WITHOUT REQUIRED CLEARANCE WILL BE SUBJECT TO A FEDERAL GOVERNMENT BACKGROUND INVESTIGATION TO RECEIVE IT.

Responsibilities

• Develop and implement Insider Risk Management (IRM) strategies as a SME and Program Manager. This involves creating policies, procedures, and frameworks to proactively address insider risk.
• Leverage Artificial Intelligence (AI), focused on designing, implementing, and managing programs that proactively identify, assess, and mitigate insider threats using AI-powered tools and techniques to analyze user activity and behavior.
• Ensure compliance and promote awareness for AI/ML. Develop and deliver training to educate employees about security policies and best practices
• Build strong relationships across business lines and with technical partners to develop and implement AI-driven insider risk solutions and effectively communicate findings and risks to senior leadership.
• Utilize AI-powered platforms like User and Entity Behavior Analytics (UEBA) to identify anomalous activities and patterns indicative of insider threats.
• Develop and optimize AI models to refine detection capabilities by leading the creation and tuning rules, alerts, and risk scoring models to enhance efficiency and accuracy.
• Initiate, supervise, and/or develop requirements from a project’s inception to conclusion for complex to extremely complex programs; and provide strategic and expert advice and technical guidance, to program and project staff.
• Conduct risk assessments, identifying critical assets, evaluating potential vulnerabilities, and prioritizing risks based on their potential impact and likelihood.
• Lead and coordinate cross-functional team operations, including analysts, engineers, and other team members, to ensure cohesive execution of the insider risk mission.
• Serve as the primary escalation point for complex or high-risk insider cases in the absence of other team leads, triaging events, and briefing leadership on threat posture, findings, and recommended actions.
• Oversee the development and refinement of insider threat detection frameworks, ensuring alignment with organizational risk tolerance, policies, and evolving threats.
• Provide detailed analysis, evaluation and recommendations for improvements, optimization development, and/or maintenance efforts for client-specific or mission critical challenges/issues; and consult with client to define needs or challenges.
• Represent the IRM team in meetings, working groups, and leadership briefings, translating operational findings into executive-level insights.

Qualifications

• Bachelor’s Degree or Master’s Degree in Computer Science, Information Technology or Information Security.
• 8+ years of experience with a strong understanding of cybersecurity fundamentals, network and endpoint security, and various security tools and technologies.
• Insider Risk expertise.
• Proven leadership ability to direct multidisciplinary teams and coordinate investigative, analytical, and technical workflows under pressure.
• Strong knowledge of cyber telemetry and insider risk indicators, including behavioral analysis, digital forensics, UEBA, DLP, and SIEM.
• Strong knowledge of AI/ML concepts, algorithms, and applications in insider threat detection, including supervised and unsupervised learning, deep learning, and anomaly detection.
• Familiarity with legal, ethical, and privacy considerations in insider monitoring and response, including how to manage cases involving personnel and protected data.
• Experience in developing operational playbooks, escalation protocols, and incident handling processes insider threat or equivalent environments.
• Need a blend of technical and leadership expertise, analytical capabilities, and hard skills to navigate the complex world of AI-driven insider threat detection and prevention.
• Hands-on experience in insider threat analysis.
• Graduate certificates, specifically in Insider Risk Management and Mitigation to provide in-depth expertise in understanding, investigating, and managing insider threats is a plus.
• Excellent communication and executive briefing skills, with the ability to synthesize complex data into actionable insights for senior leadership.
• Must be able to obtain Public Trust Clearance.
• Be able to pass a drug screening, criminal history, and credit checks.
• Must be a US Citizen or Green Card holder.
• Must have lived in the United States for the past 5 years.
• Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)