Information Protection Lead (Insider Threat/Risk Management Expert)

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS.
Our most valuable asset is our people .
At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems-the ones that comprise us as individuals, shape who we are and
make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.
Information Protection Lead
We are seeking a highly motivated and experienced professional to build and lead our Insider Threat & Risk Management team within the Information Security group. This role is critical in identifying, assessing, and mitigating insider risks to protect our firm's critical data, intellectual property, and operational integrity.
The Lead will develop and execute an insider threat program, leveraging behavioral analytics, security tools, and cross-functional collaboration to proactively detect and respond to threats.
What You'll Do:

• Program Development & Leadership: Design and implement a comprehensive insider threat and risk management program aligned with business and security objectives.
• Threat Detection & Response: Utilize data analytics, behavioral indicators, and security tools (e.g., UEBA, DLP, SIEM) to monitor and investigate potential insider threats.
• Risk Assessment & Mitigation: Conduct insider risk assessments, define detection methodologies, and recommend mitigation strategies.
• Collaboration & Stakeholder Engagement: Work closely with Legal, HR, IT, Security Operations, and Compliance teams to develop policies, response frameworks, and training initiatives.
• Incident Handling & Investigations: Lead investigations into potential insider threats, ensuring timely response and remediation while adhering to privacy and legal considerations.
• Security Awareness & Training: Drive awareness programs to educate employees and leaders about insider risks and best practices.
• Regulatory & Compliance Alignment: Ensure the program aligns with industry standards (e.g., NIST, ISO 27001, SOC2) and regulatory requirements.
• Continuous Improvement: Regularly assess and refine the program to adapt to evolving threats and business needs.

What You'll Bring:

• Bachelor's degree in information security, Cybersecurity, or related field.
• 6+ years of experience in information security, with a focus on information protection, DLP and data protection.
• Strong understanding of information security frameworks, regulations, and standards (e.g., ISO 27001, NIST, GDPR).
• Familiarity with network security, endpoint protection, and cloud security principles.
• Ability to balance proactive prevention with reactive incident response.
• High ethical standards and discretion when handling sensitive information.
• Demonstrated ability to build and lead teams, with excellent communication and interpersonal skills.
• Experience with security technologies such as data classification, DLP, encryption, SIEM, and access controls.
• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent.
• Excellent analytical and problem-solving skills, with the ability to assess risks and recommend effective solutions.
• Strong communication and interpersonal skills to collaborate with various teams and stakeholders.
• Proven track record of successfully implementing and managing information protection programs.

Perks & Benefits:
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.
We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Travel:
Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.
Considering applying?
At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above.
ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.
To Complete Your Application:
Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered.
NO AGENCY CALLS, PLEASE.
Find Out More At:
www.zs.com