Insider Threat Monitoring Lead

Insider Threat Monitoring Lead 

The U.S. Customs and Border Protection (CBP) Cyber Security Directorate (CSD) is leading one of the most comprehensive, mission critical cybersecurity operations in the federal government—protecting the digital infrastructure that safeguards America’s borders. This multifaceted program spans 24/7/365 Security Operations Center (SOC) monitoring, advanced threat intelligence, forensics, incident response, cloud and network security engineering, zero trust modernization, vulnerability assessment, and enterprise-wide risk and compliance activities. Key Leads on this program will guide teams at the forefront of national security, supporting sophisticated cyber operations that defend vital systems, enable secure mission execution, and counter rapidly evolving threats. You will find this work uniquely impactful, fast-paced, and deeply collaborative, offering the opportunity to lead high performing technical teams, shape CBP’s cybersecurity strategy, and contribute directly to the protection of the nation. 

MEANINGFUL WORK AND PERSONAL IMPACT 

The Insider Threat Monitoring Lead plays a vital role at the intersection of cybersecurity, behavioral analysis, and investigative response. In this mission critical leadership position, you will: 

• Oversee detection and analysis of insider threat activity, data loss events, foreign service national monitoring, and sensitive data spillage ensuring CBP can rapidly identify and mitigate risks from within.  

• Lead a highly skilled team, you will shape investigative methodologies, drive advanced analytics, and collaborate closely with forensics, counterintelligence, and SOC functions.  

• Thrive in high stakes investigative environments and want to directly safeguard the integrity of CBP’s workforce and mission systems. 

WHAT YOU’LL NEED TO SUCCEED 

• Top Secret with SCI eligibility clearance.  

• Minimum of five (5) years of professional experience with an in-depth understanding of the principles, methodologies, and best practices for establishing, operating, and maturing an insider threat program. 

• Bachelor’s degree in computer science, information technology, or related field. 

• Knowledge of deterrence, detection, and mitigation strategies. Proficiency in gathering, integrating, analyzing, and responding to threat-related information.  

• Experience assessing risks, identifying vulnerabilities, and developing effective countermeasures.  

• Strong knowledge of cybersecurity principles, network security, data protection, and monitoring employee use of enterprise networks.  

• Expertise in identifying, assessing, prioritizing, and mitigating security risks.  

• Ability to analyze intelligence to understand and neutralize threats.  

• Thorough knowledge of relevant government policies and regulations, such as the National Industrial Security Program Operating Manual (NISPOM) (32 CFR Part 117), Executive Order 13587, and the Presidential Memorandum "Minimum Standards for Executive Branch Insider Threat Programs."  

• Maintains active Certified Information System Security Professional (CISSP).  

EDUCATION AND EXPERIENCE 

• Bachelor’s Degree preferred. 

• Previous or Current CBP Background Investigation desired. 

OWN YOUR OPPORTUNITY 
Explore a career in cyber security at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your passion for securing the mission.