Capital One Senior Associate Cyber Threat Detection 
United States, Virginia, Arlington 
508280310

Yesterday
Center 3 (19075), United States of America, McLean, Virginia

Senior Associate, Cyber Threat Detection


Primary Responsibilities:

  • Collaborate with broader Cyber Operations teams to prioritize and operationalize detective measures of known or tested gaps in coverage leveraging MITRE ATT&CK

  • Develop, implement, and test alerts that CSOC and Insider threat will triage per the Incident Response plan

  • Perform retrospective analysis of alerts to determine fidelity

  • Peer-review colleagues’ alert development proposals

  • Periodic review of coverage heatmap to understand gaps in coverage

  • Perform reviews of alert catalog to propose changes to existing alerts or create new ones

  • Collaborate with CSOC to maintain, migrate, or decommission Cyber alerts

  • Collaborate with Cyber Log management to onboard new data sources or specific event IDs, needed to develop detective use cases

  • Experience with regular expressions

Basic Qualifications:

  • High School Diploma, GED, or equivalent certification

  • At least 1.5 years of experience working in cybersecurity or information technology

  • At least 1 year of experience in Security Operations Center (SOC)

  • At least 1 year of experience working with Linux, Unix, or Windows operating systems

  • At least 1 year of experience with public cloud environments (AWS, Azure, or Google Cloud Platform)

Preferred Qualifications:

  • Bachelor's Degree

  • 2+ years of experience in working on a Threat Detection team

  • 2+ years of experience working with cyber threat intelligence and the MITRE ATT&CK framework

  • 2+ years of SQL or Python experience

  • 1+ years of experience leading a project

  • 1+ years of experience working with Detection-as-Code (DaC) principles

  • Security+, CEH, CISSP, OSCP, OSCE, GCTD, AWS Security Specialty, or Professional Cloud Security Engineer Certification

Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.