Principal Associate, Insider Threat and Technical Investigations
Company: Capital One
Location: Sandy Hook
Posted on: November 7, 2024
|
|
Job Description:
Center 3 (19075), United States of America, McLean, Virginia
Principal Associate, Insider Threat and Technical Investigations
Capital One is looking for an Insider Threat Investigator to join
the Cyber Insider Threat team. The Insider Threat Investigator role
is responsible for the detection and investigation of anomalous
user activities and indicators of potential insider threats. This
position will be part of the Cyber Insider Threat and Technical
Investigations program, responsible for utilizing a wide variety of
security tools across multiple environments. You will perform
analysis, investigation, monitoring, and management of user and
endpoint based insider threats. These tasks include but are not
limited to: creating and maintaining investigation and incident
tracking information; planning, coordinating and performing user
behavior-based investigations; drafting and presenting detailed
investigative reports and summaries; investigation analysis tasks
including preservation and examination of all available
information, and supporting evidence or artifacts collection
related to incident or event. Responsibilities: Track and document
investigations from initial detection through final resolution
including documenting requests and activities in a case management
system Effectively and professionally secure handling and
collection of digital evidence Exercise sound technical,
interpersonal, and organizational judgment while evaluating and
solving complex problems Conduct highly technical investigations
utilizing data from detection tools, including UEBA, SIEM, and
others Exercise discretion and professionalism when conducting
user-based investigations and inquiries Identify and enhance
processes where automation has the potential to improve efficiency
Create, prepare, and defend technical escalation reports for
presenting findings to leadership, corporate investigations, and
legal partners Basic Qualifications: High School Diploma, GED or
equivalent certification At least 3 years of experience in the
cybersecurity, investigative analysis, or intelligence field At
least 2 years of experience leading or conducting non-technical and
technical investigations utilizing insider threat tools (UEBA,
SIEM) Preferred Qualifications: Bachelor's Degree 3 years of
experience leading or conducting non-technical and technical
investigations utilizing insider threat tools (UEBA, SIEM)
Knowledge of Insider Threat or Data Loss Prevention programs,
incident management, or investigative programs Ability to identify
anomalous activities and associated risks At this time, Capital One
will not sponsor a new applicant for employment authorization, or
offer any immigration related support for this position (i.e. H1B,
F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work
authorization). Capital One offers a comprehensive, competitive,
and inclusive set of health, financial and other benefits that
support your total well-being. Learn more at the Capital One
Careers website . Eligibility varies based on full or part-time
status, exempt or non-exempt status, and management level. This
role is expected to accept applications for a minimum of 5 business
days. No agencies please. Capital One is an equal opportunity
employer committed to diversity and inclusion in the workplace. All
qualified applicants will receive consideration for employment
without regard to sex (including pregnancy, childbirth or related
medical conditions), race, color, age, national origin, religion,
disability, genetic information, marital status, sexual
orientation, gender identity, gender reassignment, citizenship,
immigration status, protected veteran status, or any other basis
prohibited under applicable federal, state or local law. Capital
One promotes a drug-free workplace. Capital One will consider for
employment qualified applicants with a criminal history in a manner
consistent with the requirements of applicable laws regarding
criminal background inquiries, including, to the extent applicable,
Article 23-A of the New York Correction Law; San Francisco,
California Police Code Article 49, Sections 4901-4920; New York
City---s Fair Chance Act; Philadelphia---s Fair Criminal Records
Screening Act; and other applicable federal, state, and local laws
and regulations regarding criminal background inquiries. If you
have visited our website in search of information on employment
opportunities or to apply for a position, and you require an
accommodation, please contact Capital One Recruiting at
1-800-304-9102 or via email at
RecruitingAccommodationcapitalone.com . All information you provide
will be kept confidential and will be used only to the extent
required to provide needed reasonable accommodations. For technical
support or questions about Capital One's recruiting process, please
send an email to Careerscapitalone.com Capital One does not
provide, endorse nor guarantee and is not liable for third-party
products, services, educational tools or other information
available through this site. Capital One Financial is made up of
several different entities. Please note that any position posted in
Canada is for Capital One Canada, any position posted in the United
Kingdom is for Capital One Europe and any position posted in the
Philippines is for Capital One Philippines Service Corp.
(COPSSC).
Keywords: Capital One, Norfolk , Principal Associate, Insider Threat and Technical Investigations, Education / Teaching , Sandy Hook, Virginia
Click
here to apply!
|