Capital One, posted 18 days ago
Full-time • Mid Level
Riverwoods, IL
5,001-10,000 employees
Credit Intermediation and Related Activities

The Threat Detection & Analytics team is seeking qualified professionals to join our ranks. This highly specialized team of skilled engineers serves as experts in creating high-quality detection logic and telemetry for our Security Operations Center (SOC) and related enterprise teams. With a world-class array of data-driven technologies at our disposal, we employ a risk-based approach to security detection based on best practices and industry frameworks. As a Detection Engineer, you will defend Capital One by helping to evolve, run, and maintain an adaptive threat detection program.

  • Analyzing data from a variety of sources (network, endpoint, application, etc.) and contributing to the full-lifecycle development of our cyber defense strategy
  • Creating detection logic, models, tooling, and frameworks to help our SOC analysts detect potential cyber incidents
  • Utilizing behavioral analytics technologies (e.g., UEBA) to better analyze and understand the full picture of user and entity behavior
  • Participating in threat modeling sessions with other teams to identify and defend against adversary Tactics, Techniques and Procedures (TTPs)
  • Leveraging automation platforms (e.g., SOAR) to improve incident identification and response times
  • Onboarding and normalization of telemetry to enhance our Security Information and Event Management System (SIEM)
  • Tuning detection capabilities and tooling to eliminate noise
  • Collaborating with Offensive Security teams to analyze and evaluate security monitoring effectiveness
  • Partnering with other engineering and security teams to improve our detection capabilities across the organization
  • Leading design discussions, code reviews, and paired programming sessions

  • High school diploma, GED or equivalent certification
  • At least 4 years of Cybersecurity experience
  • At least 4 years of big data experience

  • Bachelor's Degree
  • 6+ years of cybersecurity experience
  • 4+ years of AWS cloud security
  • 4+ years of experience in SIEM
  • 4+ years of scripting experience in Python or PowerShell
  • 2+ years of experience in Splunk
  • 2+ years of user/entity behavioral analytics

  • This role is also eligible to earn performance-based incentive compensation, which may include cash bonus(es) and/or long-term incentives (LTI). Incentives could be discretionary or non-discretionary depending on the plan.
  • Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.