General Responsibilities:
Perform programmatic planning and development support for XRM program maintenance and growth, in coordination with the IT&TI Program Team and leadership, as the XRM scope expands
Understand the XRM program controls and processes for enhanced monitoring and access controls
Understand the XRM and IT&TI investigative processes, with focus on the XRM analyst team triage and analysis of activity data of exiting associates against insider threat alerts and referrals from partner teams
Develop and maintain XRM program plans and documentation, exercising attention to detail and sound technical, interpersonal, and organizational judgment
Effectively communicate with IT&TI teammates and leadership, other Cyber teams, and partners and stakeholders in HR, the Office of Corporate Investigations (OCI), Legal, and others
Develop, follow, and maintain process ‘playbooks’ of various operational investigative workflows
Identify trends, gaps, and opportunities for process or alert improvement, and raise or present these issues to Insider Threat team leads for resolution
Identify and enhance processes where automation will improve efficiency
Exercise discretion and professionalism when dealing with associate-based investigations and inquiries and other sensitive matters
Work with alerting and monitoring technologies and other log sources available to the Cyber Operations and Intelligence Teams to refine investigation sequence and procedures
Use technology, infrastructure, and operational processes to enable a more effective user-based threat detection and investigation program
Strong communication skills with the ability to manage responsibilities across multiple areas and projects
Excellent problem-solving and conceptual thinking skills, especially with process and technical troubleshooting
Strong ability to develop and communicate recommendations to non-technical associates in business areas
Basic Qualifications:
High School Diploma, GED, or equivalent certification
At least 4 years of experience working in cybersecurity or information technology
At least 2 years of experience with project or program management
At least 2 years of experience analyzing information and data, and documenting and communicating the findings or outcomes
Preferred Qualifications:
Bachelor's Degree
2+ years of experience supporting cyber investigations, incidents, data security events, and incident response or management
2+ years of experience in insider threat
CFCE, CCE, GCIA, GCIH, Security+, EnCE, CISM, or CISSP
Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.