Staff Security Risk and Compliance Program Manager, Insider Threat
Confluent

Job Description
About The Role
We are seeking a highly experienced and technically proficient Staff Security Risk and Compliance Program Manager, Insider Threat to join our Trust & Security organization. In this critical role, you'll be responsible for defining, driving, and executing the strategy for our organization's Insider Threat program, including technical control implementation, detection & response processes, risk mitigation, employee training & awareness, and so on. You will work cross-functionally with security, engineering, corporate IT, legal, human resources, and other business units to build and mature a best-in-class, proactive insider threat program that protects Confluent’s most sensitive assets and customer data while promoting a positive workplace culture.
What You Will Do
- Strategy and Roadmap: Define and drive the multi-year technical roadmap for the Insider Threat program, focusing on advanced detection methods, behavioral analytics, technical countermeasures, and integration with existing security and IT infrastructure.
- Technical Program Leadership: Lead the planning, execution, and delivery of complex, multi-functional technical projects within the Insider Threat domain, ensuring programs are delivered on time, within budget, and to a high standard of quality.
- Engineering Partnership: Act as the primary liaison between Trust & Security and key partners and stakeholders. Translate operational needs and intelligence into clear technical requirements and specifications for engineering implementation.
- Detection & Analytics: Drive the selection, deployment, and optimization of technical tools and platforms, such as DLP and endpoint security platforms, to identify, score, and alert on anomalous or high-risk user behavior.
- Policy and Compliance: Partner with Legal and HR to ensure all technical controls and monitoring capabilities are compliant with global privacy laws, company policies, and ethical guidelines.
- Process Improvement: Establish and refine the technical incident response and mitigation processes for insider threats, ensuring seamless handoffs, clear roles/responsibilities, and rapid containment. Develop metrics and dashboards to track program effectiveness and technical control performance.
- Employee Training & Awareness: Develop training content and ensure employees understand the expectations of the Acceptable User Policy.
What You Will Bring
- Experience: 8+ years of experience in security program management, with at least 5 years dedicated to Insider Threat, Corporate Security, or Data Loss Prevention (DLP) programs.
- Technical Skills: Deep technical understanding of security controls, network architecture, endpoint security, cloud environments (e.g., AWS, Azure, GCP), and User and Entity Behavior Analytics (UEBA) or similar advanced detection technologies. Experience evaluating and implementing identity & access management tools, endpoint security platforms, and data loss prevention tools. Familiarity with forensic analysis techniques and legal hold processes related to electronic evidence.
- Program Management Skills: Strong project management and organizational skills. Exceptional analytical and problem-solving skills, with a data-driven approach to decision-making. Experience in running long-term, complex security programs that deliver iterative improvements and risk reduction.
- Communication and Collaboration skills: Excellent written and verbal communication skills. The ability to influence and lead without direct authority. Detail-oriented with a strong analytical mindset. Excellent ability to articulate complex technical concepts and program statuses to executive-level audiences and technical teams.
Key skills/competency
- Insider Threat Program Management
- Data Loss Prevention (DLP)
- Endpoint Security
- Cloud Security (AWS, Azure, GCP)
- User and Entity Behavior Analytics (UEBA)
- Risk Mitigation
- Security Compliance
- Technical Program Leadership
- Cross-functional Collaboration
- Incident Response Processes
How to Get Hired at Confluent
- Research Confluent's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
- Tailor your resume: Customize your resume and cover letter to highlight experience in insider threat, DLP, and security program management, directly addressing requirements.
- Showcase technical depth: Prepare to discuss your deep technical understanding of security controls, network architecture, endpoint security, and UEBA with specific examples.
- Demonstrate cross-functional leadership: Emphasize your ability to lead complex, multi-functional projects and translate operational needs into technical specifications effectively.
- Prepare for behavioral questions: Practice articulating how you manage risk, ensure compliance, and foster a proactive security culture in an interview setting.