Global Head of Human Risk & Workforce Resilience
Listed on 2026-05-31
Security
Cybersecurity, Information Security
Are you looking to lead a global team that focuses on protecting people and data? As the Global Head of Human Risk and Workforce Resilience, you will build and lead a multidisciplinary team that manages risk with leadership and innovation.
This role can be virtual or hybrid from any US-based location.
What the day will look like
This role leads a comprehensive, cross-functional human risk management program that integrates physical, cyber, HR, and legal perspectives to proactively identify and mitigate workforce-related risks. The position partners across the enterprise to embed human risk into broader risk frameworks, supports investigations with behavioral insight, and drives a culture shift toward resilience and accountability through targeted interventions and leader enablement.
Physical & Cyber Convergence: Partner closely with physical and cyber departments to correlate physical access intelligence with digital activity monitoring to identify high-risk behavioral patterns.
HR & Legal Collaboration: Work with HR and Legal to ensure human risk practices are compliant with labor laws, privacy regulations, and ethical standards while remaining aligned with company culture.
Investigations Liaison: Serve as a key stakeholder in internal investigations, providing behavioral, contextual, and workforce insight to technical or physical security incidents.
Enterprise Alignment: Integrate people risk management into broader Enterprise Risk Management (ERM) frameworks.
Talent Risk Management: Assess and mitigate risk related to intellectual property theft, data exfiltration, or trust erosion—particularly during offboarding, reorganizations, or high "flight risk" scenarios.
Revenue & Brand Impact: Quantify the financial and operational impact of human-related risk events (e.g., phishing, misconfiguration, policy violations) and communicate risk exposure and mitigation value to executive leadership.
High-Risk Role Oversight: Apply enhanced risk controls and monitoring for privileged, sensitive, or high-impact roles in partnership with cyber security.
Human Risk Modeling: Develop a framework to score and qualify human risk across business units using inputs such as cyber telemetry, physical badge data, case management insights, and HR signals.
Predictive Indicators: Shift the program from reactive response to predictive prevention by identifying early indicators of insider distress, disengagement, burnout, or malicious intent.
Metrics & Reporting: Define leading and lagging human risk indicators and translate technical findings into business-relevant insights for senior leaders and the Board.
Pre-Hire & Onboarding: Partner with HR, Security, and Compliance to influence screening practices, onboarding education, and early-stage trust-building controls.
Role Changes & Access Drift: Monitor behavioral risk associated with promotions, role changes, access elevation, mergers, or restructuring events.
Transitions & Offboarding: Design and oversee consistent, risk-based offboarding controls to protect data, IP, and institutional knowledge.
Culture Shift: Move the organization away from blame-based security toward a resilience-based culture where employees are viewed as the first line of defense.
Behavioral Interventions: Replace generic security awareness with targeted, role-based, and data-informed interventions that reduce risk without eroding trust.
Leader Enablement: Equip managers and leaders to recognize early warning signs of people risk and respond appropriately and ethically.
Team Building: Build and direct a team of risk analysts, behavioral specialists, and program managers.
Program Maturity: Establish governance, operating cadence, and maturity benchmarks for the function.
Executive Advisory: Act as a trusted advisor to senior leadership on emerging workforce risk trends and organizational resilience.
How this opportunity is different
You will lead a high-impact, newly established program that puts you at the forefront of protecting data, shaping risk strategy, and elevating talent—while setting the tone for a culture built on accountability, integrity, and meaningful behaviors.
Skills and experience that will lead to success
- 10+ years in senior roles spanning Security (Cyber or Physical), Insider Threat, Risk Management, Trust & Safety, Investigations, or Behavioral Science.
- Demonstrated experience operating in multinational environments with strong understanding of privacy and employment regulations (e.g., GDPR, CCPA).
- Proven experience designing or leading insider threat, workforce risk, or corporate investigation programs.
- Track record of influencing cross-functional stakeholders without direct authority.
Education: Bachelor's degree or equivalent years of relevant industry experience.
Aon is not accepting unsolicited resumes from search firms for this position. If you are a search firm, you will not be compensated in any way for your submission of a candidate, even if Aon hires that candidate.
Nothing in this job description restricts…