Senior Threat Detection Engineer

About This Role

Join the Threat Detection & Analytics team to create high-quality detection logic and telemetry for the Security Operations Center (SOC). Employ a risk-based approach to security detection and defend Capital One by evolving and maintaining an adaptive threat detection program.

Responsibilities

• Analyze data from various sources (network, endpoint, application) for cyber defense strategy
• Create detection logic, models, tooling, and frameworks for SOC analysts
• Utilize behavioral analytics technologies (UEBA) to understand user and entity behavior
• Participate in threat modeling sessions to defend against adversary Tactics, Techniques and Procedures (TTPs)
• Leverage automation platforms (SOAR) to improve incident identification and response times
• Onboard and normalize telemetry to enhance Security Information and Event Management System (SIEM)
• Tune detection capabilities and tooling to eliminate noise
• Collaborate with Offensive Security teams to evaluate security monitoring effectiveness
• Partner with other engineering and security teams to improve detection capabilities
• Lead design discussions, code reviews, and paired programming sessions

Requirements

• High school diploma, GED or equivalent certification
• At least 3 years of Cybersecurity experience
• At least 3 years of big data experience

Qualifications

• High school diploma, GED or equivalent certification
• At least 3 years of Cybersecurity experience and at least 3 years of big data experience

Nice to Have

• Bachelor's Degree
• 5+ years of cybersecurity experience
• 4+ years of AWS cloud security
• 4+ years of experience in SIEM
• 3+ years of scripting experience in Python or PowerShell
• 2+ years of experience in Splunk
• 2+ years of user/entity behavioral analytics

Skills

* Required skills

Benefits