
Capital One: Manager, Senior Digital Forensic Examiner (DFE)
United States, Texas, Plano 
356569988

26.06.2024
Plano 3 (31063), United States of America, Plano, Texas

Manager, Senior Digital Forensic Examiner (DFE)


Responsibilities:

  • Secure handling/collection of digital evidence and maintaining chain of custody

  • Lead internal investigations leveraging the use of digital forensics technologies, practices, and philosophies

  • Support partner external investigations/incident response as a forensics subject matter expert (SME)

  • Manage multiple cases and prioritize workload

  • Develop, follow, and maintain documentation (job aids, playbooks, SOPs, etc.) which provide a visual depiction of various operational investigative workflows

  • Identify and enhance processes where automation has the potential to improve efficiency

  • Create, prepare, and defend detailed technical investigative reports for presenting findings to leadership, corporate investigations, and legal partners

  • Maintain and test forensic tooling and processes, ensuring integrity of forensics collection, preservation, and analysis across an evolving ecosystem

Basic Qualifications:

  • High School Diploma, GED or equivalent certification

  • At least 6 years of experience in digital forensics, incident response or cyber investigative analysis

  • At least 6 years of experience leading or conducting cyber technical investigations utilizing one of the following digital forensics and incident response tools: EnCase, FTK, Axiom, X-Ways, or Cellebrite

  • At least 6 years of experience with computer hardware components, file systems, computer networks, IT security or incident response

  • At least 6 years of experience with forensic preservation, collection, and analysis of operating systems, e-mail systems, and mobile devices

  • At least 3 years of technical troubleshooting experience

  • At least 1 year of experience with evidence handling and chain of custody procedures

Preferred Qualifications:

  • Bachelor’s Degree in Digital Forensics, Computer Science, Information Systems, or Software Engineering

  • 7+ years of experience with Insider Threat or Data Loss Prevention programs, incident management, or investigative programs and the ability to identify anomalous activities and associated risks

  • 3+ years of experience investigating cloud computing platforms including AWS, GCP, or Azure

  • 3+ years of experience writing queries in Structured Query Language (SQL) or Kibana Query Language (KQL) with a focus on log parsing

  • 3+ years of experience developing and communicating recommendations to non-technical business areas

  • One or more of the following recognized industry certifications: GIAC GCFA, GIAC GCFE, GIAC GSAF, CFCE, CCE, GCIA, GCIH, Security+, EnCE, or CISSP

Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.