
Capital One Senior Associate Cyber Threat Detection 
United States, Virginia, Arlington 
967474200

14.09.2024
Center 3 (19075), United States of America, McLean, Virginia

Senior Associate, Cyber Threat Detection

Primary Responsibilities

  • Collaborate with broader Cyber Operations teams to prioritize and operationalize detective measures for known or tested gaps in coverage leveraging MITRE ATT&CK.

  • Develop, implement, and test alerts that CSOC will triage per the Incident Response plan

  • Perform retrospective analysis of alerts to determine fidelity

  • Periodic review of coverage heatmap to understand gaps in coverage

  • Perform reviews of alert catalog to propose changes to existing alerts or create new ones.

  • Collaborate with CSOC to maintain, migrate, or decommission Cyber alerts

  • Collaborate with Cyber Log management to onboard new data sources or specific event IDs needed to develop detective use cases

Basic Qualifications

  • High School Diploma, GED or equivalent certification

  • At least 2 years of experience working in cybersecurity or information technology

  • At least 1 year of experience in Security Operations Center (SOC)

  • At least 1 year of experience working with Linux, Unix, or Windows operating systems

  • At least 1 year of experience with public cloud environments (AWS, Azure, or Google Cloud Platform)

Preferred Qualifications

  • Bachelor's degree in Computer Science, Information Security, or related field.

  • 2+ years of experience in working on a Threat Detection team

  • Experience working with cyber threat intelligence and the MITRE ATT&CK framework

  • 2+ years of SQL or Python experience

  • Knowledge of Detection-as-Code principles

  • One or more of the following certifications: Security+, CEH, CISSP, OSCP, OSCE, GCTD, AWS Security Specialty, or Professional Cloud Security Engineer

  • 1+ year of experience leading a project

Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.