Insider Risk Lead

Overview

Built on meritocracy, our unique company culture rewards self-starters and those who are committed to doing what is best for our customers.

Brown & Brown is seeking an Insider Risk Lead to join our growing team!

The Insider Risk Lead is responsible for developing, maturing, and overseeing Brown & Brown’s enterprise Insider Risk Management Program. This role will lead strategy, detection, investigations, and cross enterprise collaboration related to insider threats—malicious, accidental, or process driven. The Insider Risk Lead partners directly with cybersecurity, legal, TR, compliance, and business leadership to identify behavioral and data driven indicators of risk and guide sensitive risk response actions.

The position requires high judgment, confidentiality, and excellent analytical and communication abilities.

How You Will Contribute:

• Lead the design, governance, and maturity roadmap of the Insider Risk Program.
• Develop policies, standards, and procedures aligned to enterprise cybersecurity objectives and regulatory expectations.
• Establish operational models for monitoring, escalation, and executive reporting.

• Oversee behavioral and technical monitoring tools (e.g., UBA, DLP, and privileged activity analytics).
• Conduct and/or coordinate insider risk investigations, ensuring accuracy, discretion, and appropriate documentation.
• Partner with Cybersecurity Operations to triage and interpret insider related alerts.

• Serve as the primary liaison to Legal, HR, Compliance, Technology, and business units for insider risk processes.
• Facilitate communication and training to promote a culture of awareness and shared accountability.
• Work within Brown & Brown’s decentralized structure to ensure alignment, transparency, and consistent practices.

• Develop and deliver dashboards, reports, and insights for cybersecurity leadership and executive stakeholders.
• Integrate insider risk into formal risk assessments and enterprise governance processes.
• Ensure adherence to compliance standards, audit requirements, and enterprise documentation practices.
• Other duties as assigned.

• Experience in decentralized or federated enterprise environments (preferred)
• Relevant certifications (e.g., CISSP, CISM, CEH, GIAC certified tracks) (preferred)
• Experience with UBA, SIEM, DLP, endpoint detection, or cloud analytics platforms (preferred)
• Experience working with HR, legal, or compliance leadership on risk matters (preferred)
• Bachelor s degree in cybersecurity, information technology, risk management, or related field (or equivalent experience).
• 7+ years of experience in cybersecurity, insider threat, digital forensics, SOC operations, or similar roles.
• Proven experience developing or managing insider risk or behavioral analytics programs.
• Strong understanding of data protection, access management, monitoring tools, and investigative methodologies.
• Superior communication and judgment, especially in sensitive or confidential situations.

We go beyond standard benefits, focusing on the total well-being of our teammates, including:

• Health Benefits:
  
  Medical/Rx, Dental, Vision, Life Insurance, Disability Insurance
• Financial Benefits:
  
  ESPP; 401k;
  Student Loan Assistance;
  Tuition Reimbursement
• Mental Health & Wellness:
  Free Mental Health &Enhanced Advocacy Services
• Beyond Benefits:
  Paid Time Off, Holidays, Preferred Partner Discounts and more.

Not reflective of all benefits. Enrollment waiting periods or eligibility criteria may apply to certain benefits. Benefit details and offerings may vary for subsidiary entities or in specific geographic locations.

As an Equal Opportunity Employer, we are committed to fostering an inclusive environment comprised of people from all backgrounds, with a variety of experiences and perspectives, guided by our Diversity, Inclusion & Belonging (DIB) motto, “The Power to Be Yourself”.