Senior Manager, Cyber Security Analyst, Threat Detection – Capital One – McLean, VA
7900 Westpark Drive (12131), United States of America, McLean, Virginia
Senior Manager – Cyber Security Analyst, Threat Detection
Capital One’s Cyber Organization is a fast-paced, dynamic environment committed to enabling and securing the business. In this role, you will be responsible for solving hard problems using cutting-edge technology in the areas of engineering, alert development, and monitoring.
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
- Lead the development of detection signatures that can be deployed on cyber defense network tools in response to new or observed threats within the network environment or enclave.
- Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
- Provide thought leadership to implement best practices to detect malicious activity in a fast-paced, ever-changing technology environment.
- Collaborate with operations teams to build novel detections, establish repeatable processes, and drive automation for containment and remediation activities.
- Analyze and define data requirements and specifications for log ingestion and new security products.
- Coordinate and provide expert technical leadership to enterprise-wide cyber defense operators to resolve cyber defense incidents.
- Demonstrate a deep knowledge of adversary techniques and emerging threats that could adversely impact business activities.
- High School Diploma, GED, or equivalent certification
- At least 7 years of experience in Information Technology
- At least 4 years of experience working with Host and Network-based Intrusion detection and prevention systems including signature development and event alert analysis
- At least 3 years of experience using Security Information and Event Management technologies (Securonix, ArcSight, LogRhythm, ELK or Splunk).
- At least 3 years of experience securing cloud environments on AWS, Azure or Google Cloud Platform
- 8+ years of experience working with network and operating system security concepts.
- Experience with cyber use case and content development within SIEM systems, including SOAR methodologies.
- Experience working with cyber threat intelligence and the MITRE ATT&CK framework.
- Experience working in the financial industry or similarly regulated environment.
- Experience writing regular expressions.
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
Job Category – Information Technology, Engineering, Technology Explorers, Cyber