Blackstone
Insider Risk Incident Responder, AVP – Cybersecurity
Blackstone is the world’s largest alternative asset manager. We seek to create positive economic impact and long‑term value for our investors, the companies we invest in, and the communities in which we work. Our $1.1 trillion in assets under management include investment vehicles focused on private equity, real estate, public debt and equity, infrastructure, life sciences, growth equity, opportunistic, non‑investment grade credit, real assets and secondary funds, all on a global basis. Further information is available at www.blackstone.com.
Blackstone Technology & Innovations (BXTI)
is the technology team at the core of each of Blackstone’s businesses and new growth initiatives. Serving both internal and external clients, we work to build the next generation of systems that manage risk, create efficiency and improve transparency within the firm and across our broad community of investors and portfolio companies. BXTI is nimble and entrepreneurial – our open, iterative design processes and rapid pace of development mean that everyone on the team has the opportunity to make an impact from day one. We are problem solvers who can take projects from idea to implementation.
Role Blackstone’s Insider Risk Team safeguards the organization from threats originating within our trusted workforce, contractors, and partners. This role focuses on escalated insider risk incident response, advanced behavioral detection engineering, and continuous enhancement of our insider threat program capabilities. The ideal candidate has hands‑on experience conducting investigations using insider threat management platforms, data loss prevention (DLP), user and entity behavior analytics (UEBA), and other monitoring tools across email, endpoint, network, and cloud environments. They develop custom detections to identify and mitigate emerging insider risk scenarios.
Responsibilities
Act as an experienced insider risk incident responder, leading complex investigations into data misuse, policy violations, and insider‑related security incidents from detection through resolution using insider threat management platforms, DLP, and UEBA.
Develop advanced insider risk detection mechanisms to identify and raise alerts for potentially malicious, negligent, or high‑risk behaviors originating from within the company’s workforce, contractors, or trusted partners.
Continuously improve and fine‑tune the insider risk detection portfolio to adapt to evolving behavioral patterns, emerging insider threat tactics, and changes in organizational workflows.
Collaborate with Red Team efforts to simulate insider threat scenarios and design targeted detection strategies.
Supervise and monitor the quality and accuracy of insider risk investigations to ensure consistent, evidence‑based outcomes.
Produce detailed reporting and trend analysis on insider risk incidents, behavioral anomalies, and investigative findings for executive and compliance stakeholders.
Partner with security engineering and HR/legal teams to identify trends in insider risk detections and investigations, enabling proactive risk mitigation and security‑by‑design initiatives.
Coach and mentor team members on insider threat detection methodologies, investigative best practices, and behavioral analysis techniques.
Qualifications
5+ years of experience in a hands‑on technical role in information security.
Highly organized, prioritizes activities independently, creates documentation and handles reporting.
Experience with cloud‑native architectures such as AWS, Azure, Office 365, etc.
Proven experience running investigations and managing incidents through security event detection platforms, SIEM platforms (e.g. Splunk) and EDR (e.g. CrowdStrike).
Hands‑on experience creating custom detections within event detection and SIEM platforms.
Working knowledge of a wide range of current network security technologies such as firewalls, proxies, network and host‑based intrusion prevention, DLP, vulnerability assessment tools, security information/event management, endpoint security, anti‑virus/anti‑malware, etc.
Effectively analyzes and interprets data security risks and recommends appropriate mitigation strategies.
Proficiency in scripting or programming languages (e.g., Python, PowerShell, Bash, SQL) for automation and security‑related tasks.
Familiarity with security controls and practices, including encryption, access management, and secure data handling.
Excellent communication skills to effectively communicate security risks and recommendations to stakeholders.
Compensation Expected annual base salary range: $128,000 – $200,000. Actual base salary within that range will be determined by several components including but not limited to the individual's experience, skills, qualifications and job location.
Benefits Comprehensive health benefits, including medical, dental, vision and FSA; paid time off; life insurance; 401(k) plan; and discretionary bonuses. Certain employees may also be eligible for equity and other incentive compensation at Blackstone’s sole discretion.
Equal Employment Opportunity Blackstone is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, sex, pregnancy, national origin, ancestry, citizenship status, age, marital or partnership status, sexual orientation, gender identity or expression, disability, genetic predisposition, veteran or military status, status as a victim of domestic violence, a sex offense or stalking, or any other class or status in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, transfer, leave of absence, compensation, and training. All Blackstone employees, including but not limited to recruiting personnel and hiring managers, are required to abide by this policy.
If you need a reasonable accommodation to complete your application, please contact Human Resources at 212‑583‑5000 (US), +44 (0)20 7451 4000 (EMEA) or +852 3656 8600 (APAC).
#J-18808-Ljbffr
Blackstone Technology & Innovations (BXTI)
is the technology team at the core of each of Blackstone’s businesses and new growth initiatives. Serving both internal and external clients, we work to build the next generation of systems that manage risk, create efficiency and improve transparency within the firm and across our broad community of investors and portfolio companies. BXTI is nimble and entrepreneurial – our open, iterative design processes and rapid pace of development mean that everyone on the team has the opportunity to make an impact from day one. We are problem solvers who can take projects from idea to implementation.
Role Blackstone’s Insider Risk Team safeguards the organization from threats originating within our trusted workforce, contractors, and partners. This role focuses on escalated insider risk incident response, advanced behavioral detection engineering, and continuous enhancement of our insider threat program capabilities. The ideal candidate has hands‑on experience conducting investigations using insider threat management platforms, data loss prevention (DLP), user and entity behavior analytics (UEBA), and other monitoring tools across email, endpoint, network, and cloud environments. They develop custom detections to identify and mitigate emerging insider risk scenarios.
Responsibilities
Act as an experienced insider risk incident responder, leading complex investigations into data misuse, policy violations, and insider‑related security incidents from detection through resolution using insider threat management platforms, DLP, and UEBA.
Develop advanced insider risk detection mechanisms to identify and raise alerts for potentially malicious, negligent, or high‑risk behaviors originating from within the company’s workforce, contractors, or trusted partners.
Continuously improve and fine‑tune the insider risk detection portfolio to adapt to evolving behavioral patterns, emerging insider threat tactics, and changes in organizational workflows.
Collaborate with Red Team efforts to simulate insider threat scenarios and design targeted detection strategies.
Supervise and monitor the quality and accuracy of insider risk investigations to ensure consistent, evidence‑based outcomes.
Produce detailed reporting and trend analysis on insider risk incidents, behavioral anomalies, and investigative findings for executive and compliance stakeholders.
Partner with security engineering and HR/legal teams to identify trends in insider risk detections and investigations, enabling proactive risk mitigation and security‑by‑design initiatives.
Coach and mentor team members on insider threat detection methodologies, investigative best practices, and behavioral analysis techniques.
Qualifications
5+ years of experience in a hands‑on technical role in information security.
Highly organized, prioritizes activities independently, creates documentation and handles reporting.
Experience with cloud‑native architectures such as AWS, Azure, Office 365, etc.
Proven experience running investigations and managing incidents through security event detection platforms, SIEM platforms (e.g. Splunk) and EDR (e.g. CrowdStrike).
Hands‑on experience creating custom detections within event detection and SIEM platforms.
Working knowledge of a wide range of current network security technologies such as firewalls, proxies, network and host‑based intrusion prevention, DLP, vulnerability assessment tools, security information/event management, endpoint security, anti‑virus/anti‑malware, etc.
Effectively analyzes and interprets data security risks and recommends appropriate mitigation strategies.
Proficiency in scripting or programming languages (e.g., Python, PowerShell, Bash, SQL) for automation and security‑related tasks.
Familiarity with security controls and practices, including encryption, access management, and secure data handling.
Excellent communication skills to effectively communicate security risks and recommendations to stakeholders.
Compensation Expected annual base salary range: $128,000 – $200,000. Actual base salary within that range will be determined by several components including but not limited to the individual's experience, skills, qualifications and job location.
Benefits Comprehensive health benefits, including medical, dental, vision and FSA; paid time off; life insurance; 401(k) plan; and discretionary bonuses. Certain employees may also be eligible for equity and other incentive compensation at Blackstone’s sole discretion.
Equal Employment Opportunity Blackstone is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, sex, pregnancy, national origin, ancestry, citizenship status, age, marital or partnership status, sexual orientation, gender identity or expression, disability, genetic predisposition, veteran or military status, status as a victim of domestic violence, a sex offense or stalking, or any other class or status in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, transfer, leave of absence, compensation, and training. All Blackstone employees, including but not limited to recruiting personnel and hiring managers, are required to abide by this policy.
If you need a reasonable accommodation to complete your application, please contact Human Resources at 212‑583‑5000 (US), +44 (0)20 7451 4000 (EMEA) or +852 3656 8600 (APAC).
#J-18808-Ljbffr