Senior Threat Detection Engineer

About The Position

Requirements

• High school diploma, GED or equivalent certification
• At least 3 years of Cybersecurity experience
• At least 3 years of big data experience

Nice To Haves

• Bachelor’s Degree
• 5+ years of cybersecurity experience
• 4+ years of AWS cloud security
• 4+ years of experience in SIEM
• 3+ years of scripting experience in Python or PowerShell
• 2+ years of experience in Splunk
• 2+ years of user/entity behavioral analytics

Responsibilities

• Analyzing data from a variety of sources (network, endpoint, application, etc.) and contributing to the full-lifecycle development of our cyber defense strategy
• Creating detection logic, models, tooling, and frameworks to help our SOC analysts detect potential cyber incidents
• Utilizing behavioral analytics technologies (e.g., UEBA) to better analyze and understand the full picture of user and entity behavior
• Participating in threat modeling sessions with other teams to identify and defend against adversary Tactics, Techniques and Procedures (TTPs)
• Leveraging automation platforms (e.g., SOAR) to improve incident identification and response times
• Onboarding and normalization of telemetry to enhance our Security Information and Event Management System (SIEM)
• Tuning detection capabilities and tooling to eliminate noise
• Collaborating with Offensive Security teams to analyze and evaluate security monitoring effectiveness
• Partnering with other engineering and security teams to improve our detection capabilities across the organization
• Leading design discussions, code reviews, and paired programming sessions

Benefits

• Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.