Primary Responsibilities
Collaborate with broader Cyber Operations teams to prioritize and operationalize detective measures for known or tested gaps in coverage, leveraging MITRE ATT&CK.
Develop, implement, and test alerts that CSOC will triage per the Incident Response plan
Perform retrospective analysis of alerts to determine fidelity
Periodic review of coverage heatmap to understand gaps in coverage
Perform reviews of alert catalog to propose changes to existing alerts or create new ones.
Collaborate with CSOC to maintain, migrate, or decommission Cyber alerts
Collaborate with Cyber Log management to onboard new data sources or specific event IDs needed to develop detective use cases
Basic Qualifications
High School Diploma, GED or equivalent certification
At least 2 years of experience working in cybersecurity or information technology
At least 1 year of experience in Security Operations Center (SOC)
At least 1 year of experience working with Linux, Unix, or Windows operating systems
At least 1 year of experience with public cloud environments (AWS, Azure, or Google Cloud Platform)
Preferred Qualifications
Bachelor's degree in Computer Science, Information Security, or related field.
2+ years of experience in working on a Threat Detection team
Experience working with cyber threat intelligence and the MITRE ATT&CK framework
2+ years of SQL or Python experience
Knowledge of Detection-as-Code principles
One or more of the following certifications: Security+, CEH, CISSP, OSCP, OSCE, GCTD, AWS Security Specialty, or Professional Cloud Security Engineer
1+ year of experience leading a project
Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.