Senior Program Manager - Insider Threat

While quantum computing holds immense promise, it also poses future security challenges, such as potentially rendering RSA encryption vulnerable. Therefore, protecting our cutting-edge research is of paramount importance today. As our Senior Program Manager for Insider Threat, you’ll help to safeguard IonQ by developing a program, governance, and workflows for detecting, deterring, and mitigating insider risks.

In the first three months, you will help develop the core program documentation and workflows. You will collaborate with external teams like IT, Legal and People (HR) to integrate into company processes. You will work with our technical security experts to build detection capabilities and perform investigations.

Core Responsibilities

• Spearhead the creation and implementation of a comprehensive Insider Threat Program designed to identify, deter, and mitigate potential insider risks
• Leverage tools such as UAM, SIEM, and DLP to identify anomalies, initiate cases, and conduct follow-ups on investigative findings
• Develop and maintain insightful dashboards and metrics that effectively communicate trends and facilitate informed decision-making
• Create standardized playbooks to ensure investigative processes are scalable and efficient
• Foster collaboration with Legal, People, Security, Facilities, and leadership teams to bolster insider threat detection and response capabilities
• Investigate data exfiltration attempts, unauthorized access, and privilege abuse to safeguard intellectual property and prevent espionage
• Analyze social engineering tactics, policy violations, and suspicious financial activity as part of insider threat investigations
• Conduct risk assessments on personnel, contractors, and third-party vendors to identify individuals with access to sensitive data
• Coordinate with HR, legal, counterintelligence, and law enforcement agencies to investigate insider incidents
• Develop and deliver Insider Threat Awareness Training for employees and security teams
• Ensure compliance with CNSSD 504, DoDD 5205.16, and other relevant DoD insider threat policies
• Partner with internal technical engineers to apply innovative techniques for detecting suspicious behavior and potential insider threats
• Manage program governance documentation, including defining roles and responsibilities, and ensure compliance with the control environment
• Stay abreast of emerging threats, industry trends, and best practices to continuously and proactively enhance the program

The ideal candidate will have experience contributing to multiple concurrent initiatives.  Every day you will learn and explore, applying what you already know to a new environment and new problem. You will balance multiple activities with a keen eye for prioritizing for the biggest impact. You’ll strive for simplicity and demonstrate significant creativity and incisive judgment. You'll enjoy learning technical topics, working across multiple business streams, and be uniquely positioned to help us reach the next horizon in secure quantum computing. You will take ownership of the outcome for the work you take on.

You’d be a good fit with:

• Bachelor's degree in Computer Science or related field, or equivalent practical experience. We value diverse backgrounds and encourage applicants with relevant experience from non-traditional pathways.
• 3+ years of experience in security operations
• 2+ years of experience in insider threat analysis
• Deep understanding of behavioral analytics and techniques for detecting risks
• Experiencing with data classification and labeling in Google Workspace
• Experience with technologies such as DLP, UAM, and SIEM
• Experience implementing and auditing least privilege based on RBAC
• Excitement to learn and get things done right
• Empathy for your internal and external customers and excellent communication skills, since you’ll be working with folks of all backgrounds -- technical and non-technical alike!

You’d be a great fit with:

• 2+ years of experience leading a dedicated Insider Threat or Counterintelligence program
• Experience with security tools used to detect and mitigate insider threats
• Experience conducting in-depth threat analysis and proactive threat hunting using SIEM and EDR solutions
• Background in internal fraud investigations or conducting interviews
• Knowledge of Digital Forensics & Incident Response (DFIR)
• Experience implementing a program to achieve least privilege access to data
• Experience with scripting languages (e.g., Python, PowerShell) to automate security workflows
• Experience with threat intelligence platforms and feeds
• Proven ability to lead security initiatives
• Prior experience with NIST 800-53 and NIST 800-171 audits and implementation of controls

Location: This role will ideally be located at our Bothell, WA or College Park, MD locations and able to work remotely several days a week.
Travel: One week per quarter.

The approximate base salary range for this position is $123,191 - $161,289.