Senior Manager - Insider Risk Detection & Response

Who We Are

Applied Materials is a global leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world. We design, build and service cutting-edge equipment that helps our customers manufacture display and semiconductor chips - the brains of devices we use every day. As the foundation of the global electronics industry, Applied enables the exciting technologies that literally connect our world - like AI and IoT. If you want to push the boundaries of materials science and engineering to create next generation technology, join us to deliver material innovation that changes the world.

What We Offer

Salary:
$176,000.00 - $242,000.00

Location:
Austin,TX, Santa Clara,CA

You'll benefit from a supportive work culture that encourages you to learn, develop, and grow your career as you take on challenges and drive innovative solutions for our customers. We empower our team to push the boundaries of what is possible-while learning every day in a supportive leading global company. Visit our Careers website to learn more.

• Develop and maintain the organization's Insider Risk Program roadmap.
• Define governance models, policies, workflows, and escalation paths.
• Align program outcomes with enterprise cybersecurity, legal, HR, and compliance goals.
• Lead maturity improvements in detection, analytics, automation, and response.
• Provide executive‑level posture and insights of the program

• Partner closely with HR, Legal, Privacy, Compliance, Physical Security, and SOC leadership.
• Communicate complex findings to executive leadership in a business‑friendly way.
• Educate stakeholders on insider risk trends, escalations, and recommended controls.
• Partner with Legal and Privacy to guide responsible data usage and handling.

• Lead, mentor, and develop a team of insider threat analysts and investigators.
• Manage workload distribution, case assignments, and performance.
• Develop training, playbooks, and skill development pathways for the team.
• Foster a culture of confidential, ethical handling of sensitive issues.

• Oversee insider threat detection across tools such as:
  • Microsoft Purview Insider Risk Management
  • SIEM/SOAR platforms (e.g., Sentinel, Splunk)
  • Endpoint DLP, CASB, user activity monitoring tools
• Ensure appropriate telemetry coverage, alert logic, and risk scoring models.
• Continuously tune detection rules to reduce false positives and improve fidelity.

• Lead investigations into potential insider threat events involving:
  • Data exfiltration
  • Intellectual property theft
  • Privileged user / role misuse
  • Malicious or accidental violations of export control regulations (in partnership with Trade/Legal)
• Coordinate cross‑functional response with HR, Legal, Privacy, Compliance, Physical Security, IT, and Security Ops.
• Ensure investigations are conducted with a high degree of discretion and integrity.
• Prepare and deliver incident reports, root‑cause summaries, and mitigation recommendations.

• Executive dashboards aligned to enterprise scorecards: Risk trend analysis, Country / BU risk scoring etc.
• Program maturity / KPIs: detection coverage, cases handled, response times, etc.
• Recommend policy updates, preventive controls, and automation based on insights.

• Oversee external vendors and managed services supporting the program.

• Own tooling strategy, vendor selection, and lifecycle management.
• Manage budget and resources for global insider‑risk capabilities.

• Deep understanding of insider threat frameworks (NIST, MITRE, CERT Insider Threat Center, etc.).
• Knowledge in:
  • SIEM/SOAR platforms (Google SecOps, Exabeam, Splunk, etc.)
  • Data Governance, Data Loss Prevention (FAM, DLP, CASB)
  • Endpoint and network telemetry (EDR, Email Security Gateway, Firewall etc.)
  • Identity & Access Management (IGA, Badge, SSO, MFA etc.)
• Expertise in UEBA (User and Entity Behavior Analytics) platform / solutions.
• Knowledge of cloud platforms and modern workplace environments (M365, Azure, SaaS apps).

• Strong case management, documentation, and evidence‑handling discipline.
• Ability to analyze behavioral patterns and correlate multi‑source telemetry.
• Experience conducting sensitive, confidential investigations.
• Ability to balance technical evidence with human behavior/context.

• Experience managing investigations or cybersecurity teams.
• Excellent communication skills-able to present findings to executives.
• Ability to work with cross‑functional partners discreetly and collaboratively.
• Strong decision‑making under pressure.

• High level of integrity and trustworthiness.
• Discretion when handling sensitive employee data.
• Strong empathy and emotional intelligence (critical for HR/legal collaborations).
• Ability to operate in ambiguous situations with minimal information.

• 10-15+ years in cybersecurity, threat detection, digital forensics, or incident response.
• 5-7+ years in a leadership or management role.
• Certifications such as:
  • CISSP, CISM
  • GIAC Insider Threat (GSIP)
  • GIAC Cyber Threat Intelligence (GCTI)
  • CIPP or other privacy certifications