Capital One Insider Threat Exit Risk Program Lead 

United States, Virginia, Arlington 

380165349

Center 3 (19075), United States of America, McLean, Virginia Insider Threat Exit Risk Program Lead

General Responsibilities:

• Perform programmatic planning and development support for XRM program maintenance and growth, in coordination with the IT&TI Program Team and leadership, as the XRM scope expands

• Understand the XRM program controls and processes for enhanced monitoring and access controls

• Understand the XRM and IT&TI investigative processes, with focus on the XRM analyst team triage and analysis of activity data of exiting associates against insider threat alerts and referrals from partner teams

• Develop and maintain XRM program plans and documentation, exercising attention to detail and sound technical, interpersonal, and organizational judgment

• Effectively communicate with IT&TI teammates and leadership, other Cyber teams, and partners and stakeholders in HR, the Office of Corporate Investigations (OCI), Legal, and others

• Develop, follow, and maintain process ‘playbooks’ of various operational investigative workflows

• Identify trends, gaps, and opportunities for process or alert improvement, and raise or present these issues to Insider Threat team leads for resolution

• Identify and enhance processes where automation will improve efficiency

• Exercise discretion and professionalism when dealing with associate-based investigations and inquiries and other sensitive matters

• Work with alerting and monitoring technologies and other log sources available to the Cyber Operations and Intelligence Teams to refine investigation sequence and procedures

• Use technology, infrastructure, and operational processes to enable a more effective user-based threat detection and investigation program

• Strong communication skills with the ability to manage responsibilities across multiple areas and projects

• Excellent problem-solving and conceptual thinking skills, especially with process and technical troubleshooting

• Strong ability to develop and communicate recommendations to non-technical associates in business areas

Basic Qualifications:

• High School Diploma, GED, or equivalent certification

• At least 4 years of experience working in cybersecurity or information technology

• At least 2 years of experience with project or program management

• At least 2 years of experience analyzing information and data, and documenting and communicating the findings or outcomes

Preferred Qualifications:

• Bachelor's Degree

• 2+ years of experience supporting cyber investigations, incidents, data security events, and incident response or management

• 2+ years of experience in insider threat

• CFCE, CCE, GCIA, GCIH, Security+, CFCE, EnCE, CISM, or CISSP

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.