Insider Threat Exit Risk Program Lead
Company: Capital One
Location: Charlottesville
Posted on: November 19, 2024
Job Description:
Center 3 (19075), United States of America, McLean,
VirginiaInsider Threat Exit Risk Program LeadCapital One is looking
for an Insider Threat Exit Risk Program Lead to join the Cyber
Insider Threat and Technical Investigations (IT&TI) program. As
an Insider Threat Exit Risk Program Lead in the Exit Risk
Mitigation (XRM) team, you will provide program-level planning,
support, and directional guidance to drive the XRM program's
objectives for the monitoring, detection, triage, analysis, and
investigation of departing associates. Candidates should be able to
manage case workflows, understand investigative analyses and
findings, identify program-level needs and plan and implement
processes to accomplish them, and exercise attention to detail and
discretion in sensitive investigative matters. Candidates should
also thrive in a cross-functional and dynamic environment, where
coordination with partner teams and stakeholders is required.
-General Responsibilities:
- Perform programmatic planning and development support for XRM
program maintenance and growth, in coordination with the IT&TI
Program Team and leadership, as the XRM scope expands
- Understand the XRM program controls and processes for enhanced
monitoring and access controls
- Understand the XRM and IT&TI investigative processes, with
focus on the XRM analyst team triage and analysis of activity data
of exiting associates against insider threat alerts and referrals
from partner teams
- Develop and maintain XRM program plans and documentation,
exercising attention to detail and sound technical, interpersonal,
and organizational judgment
- Effectively communicate with IT&TI teammates and
leadership, other Cyber teams, and partners and stakeholders in HR,
the Office of Corporate Investigations (OCI), Legal, and
others
- Develop, follow, and maintain process 'playbooks' of various
operational investigative workflows
- Identify trends, gaps, and opportunities for process or alert
improvement, and raise or present these issues to Insider Threat
team leads for resolution
- Identify and enhance processes where automation will improve
efficiency
- Exercise discretion and professionalism when dealing with
associate-based investigations and inquiries and other sensitive
matters
- Work with alerting and monitoring technologies and other log
sources available to the Cyber Operations and Intelligence Teams to
refine investigation sequence and procedures
- Use technology, infrastructure, and operational processes to
enable a more effective user-based threat detection and
investigation program
- Strong communication skills with the ability to manage
responsibilities across multiple areas and projects
- Excellent problem-solving and conceptual thinking skills,
especially with process and technical troubleshooting
- Strong ability to develop and communicate recommendations to
non-technical associates in business areasBasic Qualifications:
- High School Diploma, GED, or equivalent certification
- At least 4 years of experience working in cybersecurity or
information technology
- At least 2 years of experience with project or program
management
- At least 2 years of experience analyzing information and data,
and documenting and communicating the findings or outcomesPreferred
Qualifications:
- Bachelor's Degree
- 2+ years of experience supporting cyber investigations,
incidents, data security events, and incident response or
management
- 2+ years of experience in insider threat
- CFCE, CCE, GCIA, GCIH, Security+, CFCE, EnCE, CISM, or CISSPAt
this time, Capital One will not sponsor a new applicant for
employment authorization, or offer any immigration related support
for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1,
TN, or another type of work authorization).Capital One offers a
comprehensive, competitive, and inclusive set of health, financial
and other benefits that support your total well-being. Learn more
at the -. Eligibility varies based on full or part-time status,
exempt or non-exempt status, and management level.This role is
expected to accept applications for a minimum of 5 business days.No
agencies please. Capital One is an equal opportunity employer
committed to diversity and inclusion in the workplace. All
qualified applicants will receive consideration for employment
without regard to sex (including pregnancy, childbirth or related
medical conditions), race, color, age, national origin, religion,
disability, genetic information, marital status, sexual
orientation, gender identity, gender reassignment, citizenship,
immigration status, protected veteran status, or any other basis
prohibited under applicable federal, state or local law. Capital
One promotes a drug-free workplace. Capital One will consider for
employment qualified applicants with a criminal history in a manner
consistent with the requirements of applicable laws regarding
criminal background inquiries, including, to the extent applicable,
Article 23-A of the New York Correction Law; San Francisco,
California Police Code Article 49, Sections 4901-4920; New York
City's Fair Chance Act; Philadelphia's Fair Criminal Records
Screening Act; and other applicable federal, state, and local laws
and regulations regarding criminal background inquiries.If you have
visited our website in search of information on employment
opportunities or to apply for a position, and you require an
accommodation, please contact Capital One Recruiting at
1-800-304-9102 or via email at . All information you provide will
be kept confidential and will be used only to the extent required
to provide needed reasonable accommodations.For technical support
or questions about Capital One's recruiting process, please send an
email to Capital One does not provide, endorse nor guarantee and is
not liable for third-party products, services, educational tools or
other information available through this site.Capital One Financial
is made up of several different entities. Please note that any
position posted in Canada is for Capital One Canada, any position
posted in the United Kingdom is for Capital One Europe and any
position posted in the Philippines is for Capital One Philippines
Service Corp. (COPSSC).
Keywords: Capital One, Potomac , Insider Threat Exit Risk Program Lead, Other , Charlottesville, Maryland
Didn't find what you're looking for? Search again!
Loading more jobs...