What's the role?
The Staff Risk and Investigations team within Bloomberg's Chief Risk and Compliance Office (CRCO) is responsible for implementing an Insider Threat program across Bloomberg, including managing investigations and responding to incidents.
Bloomberg is seeking a highly capable individual to join the Staff Risk and Investigations team (SR&I) responsible for analyzing and correlating data from multiple sources to identify risks and threats posed by insiders. This individual will also be responsible for performing day to day investigations and case management. Additionally, they will be expected to help enhance the Insider Threat program by assisting with prevention efforts, maturing the program, and building relationships with stakeholders globally. We'll trust you to:
You should have:
- Proactively analyze data, perform in-depth reviews of anomalous behaviors to identify potential insider risk indicators and/or threats to the company
- Handle confidential and sensitive matters with discretion and maintain strict confidentiality
- Develop and maintain strong working relationships with lines of business, and key partners and stakeholders including Information Security, Physical Security, Legal, HR and others to guide risk mitigation efforts
- Analyze events and alerts and perform correlation analysis on data from all monitoring and intel sources
- Coordinate response activities with various stakeholders for confirmed incidents and recommend mitigation strategies
- Continuously evaluate changes in actors, tactics, techniques and targets to enhance threat scenarios and use cases and make recommendations to ensure technology strategy maintains pace with changing insider threat landscape
- Ensure close coordination with Bloomberg Risk Management groups by aligning risk priorities, issues, and reporting
- Develop Senior Management reports including metrics on Insider Threat activities
- As needed, conduct interviews and clearly document investigative findings keeping in mind potential legal requirements (e.g., chain of custody)
- Execute special projects as required
If this sounds like you:
- Minimum 5 years of relevant insider threat, employee monitoring, investigative or counterintelligence experience
- Familiarity of SOAR systems and or case management tools
- Knowledge of incident response and crisis management
- Awareness of latest cyber security trends and developments
- Demonstrated success in working closely with Security, Legal, HR, external Intelligence community, etc.
- Demonstrated expertise in working with and handling extremely sensitive materials and investigations
- Strong oral and written communications skills
- Strong analytical capabilities
- Strong interpersonal and leadership skills
- Ability to conduct end to end investigations including collecting and analyzing qualitative and quantitative data
- Ability to work independently on initiatives
- Motivated and willing to learn
- Bachelor's Degree or equivalent experience
- CISSP, CISM or other relevant Information Security certification
- CFE, CPIR certifications a plus
Apply! If we believe you are a good match we'll get in touch to let you know the next steps.
To learn more, visit our YouTube channel "Inside Bloomberg": www.youtube.com/InsideBloomberg
Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or maternity/parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.
Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email email@example.com (mailto:firstname.lastname@example.org).