Director of Insider Threat and Investigative Intelligence

Posted Date 5/08/2026 Description The Director of Insider Threat and Investigative Intelligence is a global senior leadership role under the Citi Security and Investigative Services (CSIS) Intelligence Anchor. This position reports directly to the CSIS Intelligence Managing Director and is mainly responsible for the strategy, operations, and oversight of the CSIS Investigative Intelligence and Insider threat programs, effectively driving threat mitigation efforts across Citi. This position also oversees governance related activities across all CSIS Intelligence programs. Citi Security and Investigative Services’ (CSIS) mission is to serve Citi and our clients by protecting their assets and reputation as the industry-leading provider of security, investigations, and intelligence. The CSIS Intelligence anchor provides data-driven intelligence and analysis that enables Citi to mitigate threats, improve business efficiencies and reduce risk. The goal is to enhance Citi’s understanding of emerging threats in the financial services industry, risk trends for the company, and opportunities to improve or adapt business practices. We employ a vast set of internal/external data sources and tools, functioning as an independent, all-source analytic unit and maximizing partner networks and knowledge through shared work assignments, collaboration and interaction models with internal and external partners. We are a quickly evolving organization charged with solving some of the most challenging intelligence and analytical questions posed to Citi. Our most impactful achievements have one crucial feature in common: Colleagues who embrace our three Citi Leadership Principles: We Take Ownership – We challenge one another to a higher standard in everything we do. We Deliver with Pride – We strive for client excellence, controls excellence and operational excellence. We Succeed Together – We value and learn from different perspectives to surpass stakeholder expectations. A little bit about the role: The Investigative Intelligence & Insider Threat programs within the CSIS Intelligence anchor specifically bring together investigative intelligence and insider threat capabilities to deliver data-driven analysis that identifies and assesses fraud, misconduct, cyber, counterintelligence and insider-related threats, using investigative insights and analytics to drive targeted mitigation strategies across Citi. The Intelligence Governance program ensures intelligence activities are fully aligned with Citi’s risk and control practices by strengthening tradecraft, standardizing oversight processes and vendor engagement, and rigorously driving regulatory compliance to enhance the integrity and effectiveness of all CSIS Intelligence operations. Responsibilities: Program Strategy: Define and execute the strategic vision for the CSIS Intelligence Investigative Intelligence, Insider Threat, and Governance programs aligned to organizational risk tolerance and business objectives. This includes leading and developing teams responsible for investigative intelligence analysis, insider threat prevention, and intelligence governance. Intelligence Production: Oversee planning and production for investigative intelligence and insider threat analysis, providing strategic guidance on scope, methodology, and outcomes. This includes ensuring comprehensive post-investigation analysis is conducted to identify root causes, systemic gaps, and lessons learned, as well as driving the integration of analytical findings into preventive controls, program enhancements, and long-term mitigation strategies. Insider Threat Program Development & Execution: Design, mature, and sustain an enterprise insider threat program, including detection, triage, response, and mitigation capabilities. This includes integrating behavioral, technical, and contextual indicators to enable a holistic and risk-based insider threat approach. This also includes ensuring compliance with legal, privacy, and regulatory requirements across all insider threat program activities. Stakeholder and Industry Engagement: Position CSIS as a co-owner of Citi’s Insider Threat Steering Committee, by co-leading Citi’s Insider Threat Coordination program, and serving as a trusted advisor to senior leadership, legal, HR, compliance, risk, cyber, and other partners. Engage with industry peers, forums, and intelligence-sharing groups to benchmark programs, identify emerging trends, and adopt leading practices. Represent the organization externally on investigative intelligence and insider threat topics as appropriate. Governance, Risk, and Compliance: Contribute to enterprise governance, risk management, and control frameworks related to all C