Capital One Principal Associate Insider Threat Technical Investigations 

United States, Virginia, Arlington 

381028059

Center 3 (19075), United States of America, McLean, Virginia Principal Associate, Insider Threat and Technical Investigations

The Insider Threat Investigator role is responsible for the detection and investigation of anomalous user activities and indicators of potential insider threats. This position will be part of the Cyber Insider Threat and Technical Investigations program, responsible for utilizing a wide variety of security tools across multiple environments.

You will perform analysis, investigation, monitoring, and management of user and endpoint based insider threats. These tasks include but are not limited to: creating and maintaining investigation and incident tracking information; planning, coordinating and performing user behavior-based investigations; drafting and presenting detailed investigative reports and summaries; investigation analysis tasks including preservation and examination of all available information, and supporting evidence or artifacts collection related to incident or event.

Responsibilities:

• Track and document investigations from initial detection through final resolution including documenting requests and activities in a case management system

• Effectively and professionally secure handling and collection of digital evidence

• Exercise sound technical, interpersonal, and organizational judgment while evaluating and solving complex problems

• Conduct highly technical investigations utilizing data from detection tools, including UEBA, SIEM, and others

• Exercise discretion and professionalism when conducting user-based investigations and inquiries

• Identify and enhance processes where automation has the potential to improve efficiency

• Create, prepare, and defend technical escalation reports for presenting findings to leadership, corporate investigations, and legal partners

Basic Qualifications:

• High School Diploma, GED or equivalent certification

• At least 3 years of experience in the cybersecurity, investigative analysis, or intelligence field

• At least 2 years of experience leading or conducting non-technical and technical investigations utilizing insider threat tools (UEBA, SIEM)

Preferred Qualifications:

• Bachelor's Degree

• 3+ years of experience leading or conducting non-technical and technical investigations utilizing insider threat tools (UEBA, SIEM)

• Knowledge of Insider Threat or Data Loss Prevention programs, incident management, or investigative programs

• Ability to identify anomalous activities and associated risks

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.