Manager- Cybersecurity Investigations

Role Summary

Insider Risk Investigation Manager based in Raritan, NJ. Contributes to a dynamic insider risk program within Information Security & Risk Management, partnering with HR, Audit, Legal, Physical Security, Cyberforensic teams, and J&J leadership to conduct investigations and protect enterprise data.

Responsibilities

• Partner with expert teams to conduct investigation activities that support enterprise data protection and insider risk initiatives.
• Facilitate data value and business impact assessments of exfiltrated data to determine appropriate investigation actions.
• Interview subjects involved in data risk cases to establish root cause and intent, assess credibility, detect inconsistencies, and explore motives to determine actions and remediation steps.
• Collect, analyze, and interpret relevant data activity, digital forensics, or other reports required for investigations.
• Produce timely case notes, statuses, metrics, and final case reports for assigned caseload.
• Manage work within the team Case Management System.
• Contribute to playbooks and SOP documentation for repeatable processes.
• Specify technical remediation requirements and provide guidance to investigation subjects.
• Recommend corrective actions required by subject or manager/team.
• Collaborate with Investigation Team on time-sensitive, high-priority cases.
• Escalate high-risk events to leadership and stakeholders.
• Perform case debriefs to audiences with varying technical expertise, including legal counsel and law enforcement.

Qualifications

Education

• BA/BS degree is required.

Experience and Skills

• 5+ years of proven experience in Insider Risk, Cybersecurity, or Technical Investigations.
• Demonstrated understanding of data security and data egress concepts and methods.
• Experience investigating and interviewing subjects related to data exfiltration in large organizations.
• Minimum of 3 years of experience interviewing investigation subjects.
• Solid understanding of Data Loss Prevention (DLP) systems and related security tools that supply Insider Risk alerts.
• Ability to manage or work with 3rd party firms and subjects to sanitize, recover, or securely remove data.
• Experience anticipating cyber forensic needs, interpreting and analyzing forensic reports from end-user devices and network systems.
• Excellent listening skills to detect implausible explanations and challenge subjects with dubious intent.
• Ability to work independently and adapt to frequent reprioritization based on risk factors.
• Familiarity with 18 U.S.C. 1831 & 1832.
• Ability to maintain confidentiality and communicate case information discreetly.

Preferred

• Experience protecting trade secrets and IP, data security, and data exfiltration methods.
• Experience in Insider Risk and investigations programs within complex/global environments.
• Background in law enforcement, corporate security, or intelligence with corporate investigations, debriefing, and case management experience.
• Understanding of privacy legislation and global differences.