Principal Associate, Insider Threat and Technical Investigations
Company: Capital One
Location: Norfolk
Posted on: November 19, 2024
Job Description:
Center 3 (19075), United States of America, McLean, Virginia
Principal Associate, Insider Threat and Technical Investigations
Capital One is looking for an Insider Threat Investigator to join
the Cyber Insider Threat team. The Insider
Threat Investigator role is responsible for the detection and
investigation of anomalous user activities and indicators of
potential insider threats. This position will be part of the Cyber
Insider Threat and Technical Investigations program, responsible
for utilizing a wide variety of security tools across multiple
environments. You will perform analysis, investigation,
monitoring, and management of user and endpoint based insider
threats. These tasks include but are not limited to: creating and
maintaining investigation and incident tracking information;
planning, coordinating and performing user behavior-based
investigations; drafting and presenting detailed investigative
reports and summaries; investigation analysis tasks including
preservation and examination of all available information, and
supporting evidence or artifacts collection related to incident or
event.
Responsibilities:
- Track and document investigations from initial detection
through final resolution including documenting requests and
activities in a case management system
- Handle and collect digital evidence securely, effectively, and
professionally
- Exercise sound technical, interpersonal, and organizational
judgment while evaluating and solving complex problems
- Conduct highly technical investigations utilizing data from
detection tools, including UEBA, SIEM, and others
- Exercise discretion and professionalism when conducting
user-based investigations and inquiries
- Identify and enhance processes where automation has the
potential to improve efficiency
- Create, prepare, and defend technical escalation reports for
presenting findings to leadership, corporate investigations, and
legal partners
Basic Qualifications:
- High School Diploma, GED or equivalent certification
- At least 3 years of experience in the cybersecurity,
investigative analysis, or intelligence field
- At least 2 years of experience leading or conducting
non-technical and technical investigations utilizing insider threat
tools (UEBA, SIEM)
Preferred Qualifications:
- Bachelor's Degree
- 3+ years of experience leading or conducting non-technical and
technical investigations utilizing insider threat tools (UEBA,
SIEM)
- Knowledge of Insider Threat or Data Loss Prevention programs,
incident management, or investigative programs
- Ability to identify anomalous activities and associated risks
At this time, Capital One will not sponsor a new applicant for
employment authorization, or offer any immigration related support
for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1,
TN, or another type of work authorization).
Capital One offers a
comprehensive, competitive, and inclusive set of health, financial
and other benefits that support your total well-being. Learn more
at the -. Eligibility varies based on full or part-time status,
exempt or non-exempt status, and management level.
This role is expected to accept applications for a minimum of 5
business days.
No agencies please. Capital One is an equal opportunity employer
committed to diversity and inclusion in the workplace. All
qualified applicants will receive consideration for employment
without regard to sex (including pregnancy, childbirth or related
medical conditions), race, color, age, national origin, religion,
disability, genetic information, marital status, sexual
orientation, gender identity, gender reassignment, citizenship,
immigration status, protected veteran status, or any other basis
prohibited under applicable federal, state or local law. Capital
One promotes a drug-free workplace. Capital One will consider for
employment qualified applicants with a criminal history in a manner
consistent with the requirements of applicable laws regarding
criminal background inquiries, including, to the extent applicable,
Article 23-A of the New York Correction Law; San Francisco,
California Police Code Article 49, Sections 4901-4920; New York
City's Fair Chance Act; Philadelphia's Fair Criminal Records
Screening Act; and other applicable federal, state, and local laws
and regulations regarding criminal background inquiries.
If you have
visited our website in search of information on employment
opportunities or to apply for a position, and you require an
accommodation, please contact Capital One Recruiting at
1-800-304-9102 or via email at . All information you provide will
be kept confidential and will be used only to the extent required
to provide needed reasonable accommodations.
For technical support
or questions about Capital One's recruiting process, please send an
email to Capital One does not provide, endorse nor guarantee and is
not liable for third-party products, services, educational tools or
other information available through this site.
Capital One Financial
is made up of several different entities. Please note that any
position posted in Canada is for Capital One Canada, any position
posted in the United Kingdom is for Capital One Europe and any
position posted in the Philippines is for Capital One Philippines
Service Corp. (COPSSC).
Keywords: Capital One, Norfolk, Principal Associate, Insider Threat and Technical Investigations, IT / Software / Systems, Norfolk, Virginia