Cyber Threat Detection – Principal Associate – Security Testing
| Company | Capital One |
|---|---|
| Location | McLean, VA, USA; Richmond, VA, USA |
| Salary | $144,200 – $181,000 |
| Type | Full-Time |
| Degrees | |
| Experience Level | Mid Level, Senior |
Requirements
- Extensive experience in SQL programming
- Strong understanding of attacker TTPs, red team methodologies, and translating offensive security insights into detections
- Excellent analytical, communication, and leadership skills
- Must be able to perform root cause analysis independently or collaboratively with the team
- Experience in cybersecurity detection engineering, SIEM tuning, and rule validation
- Ability to perform synthetic testing, black-box testing, and automated validation of detections
- Customer service and stakeholder engagement skills
- Strong decision-making and strategic thinking in threat detection
- Proven experience working in a Security Operations Center (SOC)
- High School Diploma, GED, or equivalent certification
- At least 3 years of experience in Information Technology or Cyber Security
- At least 2 years of experience with host, cloud, application, or network logs
- At least 2 years of experience developing alerts for threat detection
- At least 2 years of pentesting or offensive security experience
Responsibilities
- The emphasis of this position will be on detecting MITRE ATT&CK techniques using a security testing or pentesting methodology
- Utilize offensive security testing to identify detection gaps, improve existing coverage, and scale detection capabilities across the enterprise
- Conduct detection validation, ensure alerts are tested, and manage effectiveness of processes and reporting
- Ability to conduct proactive threat research across enterprise environments using hypothesis-driven methodologies
- Develop and implement best practices to identify malicious activity in a dynamic, fast-paced environment
- Understand the business drivers of the enterprise and partner with relevant stakeholders to ensure robust monitoring and expanded coverage across our hosts, networks, and applications
- Demonstrate a deep understanding of adversary techniques and emerging threats that could impact business operations
- Respond to inquiries from regulatory entities, risk management and audit teams, providing clear and complete documentation of procedures and workflows
- Experience mentoring junior engineers and contributing to a culture of continuous improvement and knowledge sharing
- Ability to articulate security risks and detection strategies to technical and executive audiences
Preferred Qualifications
- Bachelor’s Degree
- 4+ years of experience in Threat Detection, Threat Hunting, or Security Engineering
- 4+ years of experience with data science concepts and techniques
- 4+ years of experience with Red Teaming or Penetration Testing Tools and Techniques
- 2+ years of experience with Python
- OSCP, CEH, GIAC, GCIH, GCFA, or GREM certification