Insider Threat Investigations Lead - VP

We are seeking a highly motivated and skilled Insider Threat Investigations Lead to join a newly formed Insider Threat Team. This role focuses on identifying, preventing, and responding to risks posed by individuals with authorized access to organisational assets, including employees, contractors, and third-party vendors.

The position requires collaboration with cross-functional teams to mitigate risks of malicious, negligent, or unintentional insider actions that could cause security breaches, data loss, or reputational damage. It will also involve building strong relationships with internal stakeholders and driving continuous programme improvements.

This role suits someone with strong investigative skills, an analytical mindset, the ability to interpret and act on data, and the capability to execute initiatives that strengthen the insider threat programme.

Key Responsibilities

• Support the delivery of the insider threat programme, including developing tools, standards, and procedures to detect, prevent, and respond to insider threats.

• Utilise advanced detection tools, behavioural analytics, and security monitoring systems.

• Drive continuous improvement by applying lessons learned, industry best practices, and emerging threat intelligence.

• Partner with stakeholders to identify and mitigate potential insider risks across systems, networks, and processes.

• Lead investigations into suspected insider threat incidents, ensuring they are thorough, timely, and compliant with legal and regulatory standards.

• Produce reports on risks, incidents, and mitigation efforts for executive decision-making.

• Collaborate with intelligence teams to develop threat modelling deliverables.

Experience & Skills Required

• 8+ years of experience in information security, preferably in Investigations, Analysis, Security Operations, Incident Response, or Threat Intelligence.

• 3+ years' experience specifically in Insider Threat or equivalent roles.

• Proficiency with insider threat detection tools (UEBA, DLP, SIEM) and knowledge of advanced threat intelligence techniques.

• Understanding of threat actor tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK Framework.

• Familiarity with security frameworks, incident response, and risk management practices.

• Knowledge of legal and regulatory considerations, including privacy and data protection laws.

• Excellent interpersonal, relationship management, and communication skills.

Qualifications & Certifications

• Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Business Analytics, Intelligence Studies, Criminology, or a related discipline.

• Hands-on experience with security monitoring and analytical tools (eg, UEBA, DLP, SIEM).

• Demonstrated ability to manage complex investigations and coordinate across departments.

• Relevant security certifications (eg, SANS, CERT ITPM, CISA) preferred.

• Experience with threat intelligence and SOC/CIRT operations.

• Ability to handle sensitive information with discretion.

• Strong written and verbal communication skills.

• Ability to work on-site in London at least twice a week and engage with local intelligence-sharing networks.