Senior Manager - Insider Risk Detection & Response

Who We Are

Applied Materials is a global leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world. We design, build and service cutting-edge equipment that helps our customers manufacture display and semiconductor chips - the brains of devices we use every day. As the foundation of the global electronics industry, Applied enables the exciting technologies that literally connect our world - like AI and IoT. If you want to push the boundaries of materials science and engineering to create next generation technology, join us to deliver material innovation that changes the world.

What We Offer

Salary:

$176,000.00 - $242,000.00

Location:

Austin,TX, Santa Clara,CA

You'll benefit from a supportive work culture that encourages you to learn, develop, and grow your career as you take on challenges and drive innovative solutions for our customers. We empower our team to push the boundaries of what is possible-while learning every day in a supportive leading global company. Visit our Careers website to learn more.

At Applied Materials, we care about the health and wellbeing of our employees. We're committed to providing programs and support that encourage personal and professional growth and care for you at work, at home, or wherever you may go. Learn more about our benefits.

The Senior Manager - Insider Risk Detection & Response (IRDR) is responsible for owning and operating the enterprise insider risk program, global operations, and managing a team focused on identifying, analyzing, and mitigating insider threats that could harm the organization's people, data, operations, or reputation while partnering closely with Cyber Security, Legal, HR, Privacy, and Physical Security.

The role oversees daily detection and response workflows, sets program strategy, ensures compliance, and drives maturity while enabling business operations safely.

Core Responsibilities

1. Program Leadership & Strategy

• Develop and maintain the organization's Insider Risk Program roadmap.
• Define governance models, policies, workflows, and escalation paths.
• Align program outcomes with enterprise cybersecurity, legal, HR, and compliance goals.
• Lead maturity improvements in detection, analytics, automation, and response.
• Provide executive‑level posture and insights of the program

2. Stakeholder Engagement & Cross‑Functional Collaboration

• Partner closely with HR, Legal, Privacy, Compliance, Physical Security, and SOC leadership.
• Communicate complex findings to executive leadership in a business‑friendly way.
• Educate stakeholders on insider risk trends, escalations, and recommended controls.
• Partner with Legal and Privacy to guide responsible data usage and handling.

3. Team Leadership & Operational Management

• Lead, mentor, and develop a team of insider threat analysts and investigators.
• Manage workload distribution, case assignments, and performance.
• Develop training, playbooks, and skill development pathways for the team.
• Foster a culture of confidential, ethical handling of sensitive issues.

4. Detection & Monitoring Oversight

• Oversee insider threat detection across tools such as:

• Microsoft Purview Insider Risk Management

• SIEM/SOAR platforms (e.g., Sentinel, Splunk)

• Endpoint DLP, CASB, user activity monitoring tools

• Ensure appropriate telemetry coverage, alert logic, and risk scoring models.

• Continuously tune detection rules to reduce false positives and improve fidelity.

5. Incident Response & Investigations

• Lead investigations into potential insider threat events involving:

• Data exfiltration

• Intellectual property theft

• Privileged user / role misuse

• Malicious or accidental violations of export control regulations (in partnership with Trade/Legal)

• Coordinate cross‑functional response with HR, Legal, Privacy, Compliance, Physical Security, IT, and Security Ops.

• Ensure investigations are conducted with a high degree of discretion and integrity.

• Prepare and deliver incident reports, root‑cause summaries, and mitigation recommendations.

6. Reporting & Metrics

• Executive dashboards aligned to enterprise scorecards: Risk trend analysis, Country / BU risk scoring etc.
• Program maturity / KPIs: detection coverage, cases handled, response times, etc.
• Recommend policy updates, preventive controls, and automation based on insights.

7. Technology, Vendor & Budget Management

• Oversee external vendors and managed services supporting the program.
• Own tooling strategy, vendor selection, and lifecycle management.
• Manage budget and resources for global insider‑risk capabilities.

Required Skills & Qualifications

Technical Skills

• Deep understanding of insider threat frameworks (NIST, MITRE, CERT Insider Threat Center, etc.).

• Knowledge in:

• SIEM/SOAR platforms (Google SecOps, Exabeam, Splunk, etc.)

• Data Governance, Data Loss Prevention (FAM, DLP, CASB)

• Endpoint and network telemetry (EDR, Email Security Gateway, Firewall etc.)

• Identity & Access Management (IGA, Badge, SSO, MFA etc.)

• Expertise in UEBA (User and Entity Behavior Analytics) platform / solutions.

• Knowledge of cloud platforms and modern workplace environments (M365, Azure, SaaS apps).

Investigative & Analytical Skills

• Strong case management, documentation, and evidence‑handling discipline.
• Ability to analyze behavioral patterns and correlate multi‑source telemetry.
• Experience conducting sensitive, confidential investigations.
• Ability to balance technical evidence with human behavior/context.

Leadership & Communication Skills

• Experience managing investigations or cybersecurity teams.
• Excellent communication skills-able to present findings to executives.
• Ability to work with cross‑functional partners discreetly and collaboratively.
• Strong decision‑making under pressure.

Behavioral & Soft Skills

• High level of integrity and trustworthiness.
• Discretion when handling sensitive employee data.
• Strong empathy and emotional intelligence (critical for HR/legal collaborations).
• Ability to operate in ambiguous situations with minimal information.

Qualifications

• 10-15+ years in cybersecurity, threat detection, digital forensics, or incident response.
• 5-7+ years in a leadership or management role.
• Certifications such as:
• CISSP, CISM
• GIAC Insider Threat (GSIP)
• GIAC Cyber Threat Intelligence (GCTI)
• CIPP or other privacy certifications

Experience implementing insider risk programs in large, matrixed global enterprises

Additional Information

Time Type:

Full time

Employee Type:

Assignee / Regular

Travel:

Relocation Eligible:

No

The salary offered to a selected candidate will be based on multiple factors including location, hire grade, job-related knowledge, skills, experience, and with consideration of internal equity of our current team members. In addition to a comprehensive benefits package, candidates may be eligible for other forms of compensation such as participation in a bonus and a stock award program, as applicable.

For all sales roles, the posted salary range is the Target Total Cash (TTC) range for the role, which is the sum of base salary and target bonus amount at 100% goal achievement.

Applied Materials is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, national origin, citizenship, ancestry, religion, creed, sex, sexual orientation, gender identity, age, disability, veteran or military status, or any other basis prohibited by law.

In addition, Applied endeavors to make our careers site accessible to all users. If you would like to contact us regarding accessibility of our website or need assistance completing the application process, please contact us via e-mail at Accommodations_Program@amat.com, or by calling our HR Direct Help Line at 877-612-7547, option 1, and following the prompts to speak to an HR Advisor. This contact is for accommodation requests only and cannot be used to inquire about the status of applications.