Insider Threat Program Manager Lead, Information Security

1 Month ago • 5-7 Years • Cyber Security

Job Summary

Job Description

The Insider Threat Program Manager Lead at ByteDance will develop and maintain the organization's insider risk security governance framework, aligning with industry best practices and regulatory requirements. Responsibilities include communicating this framework to stakeholders, conducting regular security risk assessments, monitoring security controls, and reporting to senior management. Collaboration with IT and business units to integrate insider threat measures into projects and processes is crucial. The role requires analyzing large datasets, identifying emerging risks, and translating business needs into actionable rules. A strong understanding of DLP, UEBA, and security platforms is essential.
Must have:
  • Develop and maintain insider risk governance framework
  • Conduct regular security risk assessments
  • Communicate risk posture to all stakeholders
  • Collaborate with IT and business units
  • Analyze large datasets, identify emerging risks
  • Minimum 5 years experience, 2 years leadership
Good to have:
  • Experience with UBA/UEBA solutions (e.g., Splunk, Exabeam)
  • Experience with threat modeling methodologies (e.g., STRIDE, PASTA)

Job Details

Responsibilities
About the Company Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content. Why Join Us Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. To us, every challenge, no matter how ambiguous, is an opportunity; to learn, to innovate, and to grow as one team. Status quo? Never. Courage? Always. At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. Join us. About the Team The Internal Security Risk Management & Governance team is responsible for managing and mitigating information security risks posed within the organisation. To ensure that the company's risk management and governance strategies are up to date and aligned across the organisation, this team is responsible for working with stakeholders from cross-functional teams to perform regular risk assessments, designing and implementing risk mitigation controls. This team is also responsible for managing the optimization, operation, training, and data analysis of the internal threat platform and UEBA (User and Entity Behavior Analytics) and DLP (Data Loss Prevention) platforms within the company. Responsibilities - Develop and maintain the organization's insider risk security governance framework, including risk scenario mapping to controls, policies, procedures, and standards that align with industry best practices and regulatory requirements. Such framework must be sufficiently detailed to allow ease of execution with clarity in roles and responsibility amongst stakeholders. - Communicate the insider threat governance framework to key stakeholders and build effective collaboration models with stakeholders with clear roles and responsibilities, transparent tracking of metrics and seamless management reporting. - Conduct regular security risk assessments to identify risk trends, vulnerabilities and alert patterns, and work with relevant departments to develop mitigation and remediation strategies. - Monitor and report on the effectiveness of security controls and the status of security risks to senior management. Communicate risk assessment and trend analysis findings, risks and gaps to both technical and non-technical program stakeholders. - Coordinate with IT and business units to ensure insider threat security measures are integrated into technology projects and business processes. - Identify and garner the support of internal and external stakeholders to collaborate on driving change, including risk remediation and leading parties involved to meet risk remediation objectives. - Translate business and technology requirements into relevant insider threat rules for operational teams to implement - Stay abreast of the latest security trends, threats, and technologies to continuously improve the organization's insider threat security posture. - Conduct analysis of large complex datasets involving insider risks, track metrics and identify gaps and vulnerabilities - Understanding emerging insider risks to build and improve proactive threat detection.
Qualifications
Minimum Qualifications 1. Bachelor's degree or above, with a preference for majors in Information Security, Computer Science, Information Technology, privacy, risk or a related field. Professional certifications such as CISSP, CISM, CRISC, or CGEIT are highly desirable. 2. Minimum of 5 years of work experience, with a preference for experience in DLP (Data Loss Prevention), UEBA (User and Entity Behavior Analytics), or security platforms-related work. 3. Minimum 2 years of leadership experience in managing high-performing GRC/Information Security team. 4. Experience with security risk assessment methodologies and tools. 5. Skilled in creating and maintaining risk registers, developing risk treatment plans, and effectively communicating risk posture to stakeholders at all levels of the organization. 6. Self-driven and results-oriented, enjoys challenging tasks, demonstrates enthusiasm for work, and can handle job pressures. 7. Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels. Proven ability to manage and prioritize multiple projects and tasks. Preferred Qualifications - Hands on in-house experience with designing, implementation and operation of commercial or in-house UBA/UEBA solutions (e.g., Splunk, Exabeam) are highly desirable - Experience with threat modeling methodologies (e.g., STRIDE, PASTA) to analyze and assess security threats within software applications, systems, and networks. ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.

Similar Jobs

The Walt Disney Company - Lead Java Software Engineer

The Walt Disney Company

Celebration, Florida, United States (On-Site)
1 Week ago
CleverTap - Senior Backend Engineer (Java & Mongo DB)

CleverTap

Mumbai, Maharashtra, India (Hybrid)
5 Months ago
Next Level Business Services - Splunk Consultant

Next Level Business Services

Pleasanton, California, United States (On-Site)
5 Months ago
Harness - Senior Software Engineer - AI Assistant

Harness

Bengaluru, Karnataka, India (Hybrid)
5 Months ago
PlayStation Global - Sr. ML Software Engineer

PlayStation Global

United States (Remote)
6 Days ago
Barracuda Networks  Inc  - Information Security Engineer

Barracuda Networks Inc

Bengaluru, Karnataka, India (On-Site)
4 Months ago
ByteDance - Security Governance Engineer

ByteDance

San Jose, California, United States (On-Site)
6 Days ago
Zazz - Cybersecurity Analyst

Zazz

(Remote)
1 Month ago
PwC - Identity & Access Management Engineer PwC Netherlands

PwC

Amsterdam, North Holland, Netherlands (Hybrid)
2 Months ago
ION - Markets Platform Security Engineer - US

ION

Toronto, Ontario, Canada (On-Site)
5 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Nagarro - Engineer

Nagarro

Mexico (Remote)
5 Months ago
Morning Star - Senior Employee Technology Support Analyst, Credit Operations

Morning Star

Mumbai, Maharashtra, India (Hybrid)
5 Months ago
Info Stretch - Senior Engineer

Info Stretch

Mumbai, Maharashtra, India (On-Site)
5 Months ago
PENN Interactive - Senior Technical Product Manager, Data

PENN Interactive

Philadelphia, Pennsylvania, United States (Hybrid)
1 Month ago
CleverTap - Senior Backend Engineer (Java & Mongo DB)

CleverTap

Mumbai, Maharashtra, India (Hybrid)
5 Months ago
Next Level Business Services - .Net with L2 Production Support Raleigh, NC

Next Level Business Services

Raleigh, North Carolina, United States (On-Site)
5 Months ago
Rockstar Games - NOC Administrator

Rockstar Games

Bengaluru, Karnataka, India (On-Site)
23 Hours ago
STAGE - Analytics Engineer

STAGE

Noida, Uttar Pradesh, India (On-Site)
7 Months ago
PwC - D365 Azure Integration Developer-Manager

PwC

Kolkata, West Bengal, India (On-Site)
6 Months ago
Visa - Staff Systems Engineer - DevEx

Visa

Singapore, Singapore (On-Site)
5 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Singapore

HoYoverse - AI Product Management Intern

HoYoverse

Singapore (On-Site)
2 Weeks ago
ByteDance - Software Engineer (Distributed Storage), Cloud Infrastructure

ByteDance

Singapore (On-Site)
5 Months ago
Limit Break - Sr. Mobile Game Designer

Limit Break

Singapore, Singapore (On-Site)
8 Months ago
ByteDance - Data Engineer Intern - Global Payment - 2025 Start

ByteDance

Singapore (On-Site)
1 Week ago
The Walt Disney Company - Intern, Viewer Experience, Disney+ APAC

The Walt Disney Company

Singapore, Singapore (On-Site)
1 Month ago
The Walt Disney Company - Marketing & Media Services Events Manager

The Walt Disney Company

Singapore, Singapore (On-Site)
1 Month ago
The Walt Disney Company - Manager - Business Relationship Management SEA

The Walt Disney Company

Singapore, Singapore (On-Site)
2 Months ago
ByteDance - RD Lead

ByteDance

Singapore (On-Site)
5 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

ARHS - Cloud Engineer / Security and Compliance Specialist

ARHS

Brussels, Brussels, Belgium (Remote)
4 Months ago
Seedify - Cyber Security Specialist

Seedify

(On-Site)
10 Months ago
ION - Cyber Product Owner, Italy

ION

Italy (Hybrid)
5 Months ago
Barracuda Networks  Inc  - Principal Application Security Engineer

Barracuda Networks Inc

United States (Remote)
1 Week ago
Axinous - Senior Professional Services Consultant - AMS

Axinous

United States (Remote)
3 Weeks ago
PwC - ETIC, Cybersecurity Graduate Program

PwC

Cairo, Cairo Governorate, Egypt (On-Site)
4 Months ago
Epic Games - Threat Intelligence Manager

Epic Games

(On-Site)
1 Week ago
Rackspace Technology - SOC Lead (Sentinel experience required)

Rackspace Technology

India (Remote)
2 Months ago
ByteDance - Software Engineer, Global Payment Privacy & Security

ByteDance

San Jose, California, United States (On-Site)
6 Days ago
PwC - IN-Manager _Technical Delivery Manager_ Emerging Technologies_ Advisory_ Bengaluru

PwC

Bengaluru, Karnataka, India (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Where imagination meets innovation, delivering limitless gaming experiences.

New York, New York, United States (On-Site)

Jakarta, Jakarta, Indonesia (On-Site)

San Jose, California, United States (On-Site)

San Jose, California, United States (On-Site)

Singapore (On-Site)

Taguig, Metro Manila, Philippines (On-Site)

View All Jobs

Get notified when new jobs are added by ByteDance

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug