Insider Threat Exit Risk Program Lead

Center 3 (19075), United States of America, McLean, Virginia

Insider Threat Exit Risk Program Lead

Capital One is looking for an Insider Threat Exit Risk Program Lead to join the Cyber Insider Threat and Technical Investigations (IT&TI) program. As an Insider Threat Exit Risk Program Lead in the Exit Risk Mitigation (XRM) team, you will provide program-level planning, support, and directional guidance to drive the XRM program’s objectives for the monitoring, detection, triage, analysis, and investigation of departing associates. Candidates should be able to manage case workflows, understand investigative analyses and findings, identify program-level needs and plan and implement processes to accomplish them, and exercise attention to detail and discretion in sensitive investigative matters. Candidates should also thrive in a cross-functional and dynamic environment, where coordination with partner teams and stakeholders is required. 

General Responsibilities:

• Perform programmatic planning and development support for XRM program maintenance and growth, in coordination with the IT&TI Program Team and leadership, as the XRM scope expands

• Understand the XRM program controls and processes for enhanced monitoring and access controls

• Understand the XRM and IT&TI investigative processes, with focus on the XRM analyst team triage and analysis of activity data of exiting associates against insider threat alerts and referrals from partner teams

• Develop and maintain XRM program plans and documentation, exercising attention to detail and sound technical, interpersonal, and organizational judgment

• Effectively communicate with IT&TI teammates and leadership, other Cyber teams, and partners and stakeholders in HR, the Office of Corporate Investigations (OCI), Legal, and others

• Develop, follow, and maintain process ‘playbooks’ of various operational investigative workflows

• Identify trends, gaps, and opportunities for process or alert improvement, and raise or present these issues to Insider Threat team leads for resolution

• Identify and enhance processes where automation will improve efficiency

• Exercise discretion and professionalism when dealing with associate-based investigations and inquiries and other sensitive matters

• Work with alerting and monitoring technologies and other log sources available to the Cyber Operations and Intelligence Teams to refine investigation sequence and procedures

• Use technology, infrastructure, and operational processes to enable a more effective user-based threat detection and investigation program

• Strong communication skills with the ability to manage responsibilities across multiple areas and projects

• Excellent problem-solving and conceptual thinking skills, especially with process and technical troubleshooting

• Strong ability to develop and communicate recommendations to non-technical associates in business areas

Basic Qualifications:

• High School Diploma, GED, or equivalent certification

• At least 4 years of experience working in cybersecurity or information technology

• At least 2 years of experience with project or program management

• At least 2 years of experience analyzing information and data, and documenting and communicating the findings or outcomes

Preferred Qualifications:

• Bachelor’s Degree

• 2+ years of experience supporting cyber investigations, incidents, data security events, and incident response or management

• 2+ years of experience in insider threat

• CFCE, CCE, GCIA, GCIH, Security+, CFCE, EnCE, CISM, or CISSP

At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization).

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at theCapital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City’s Fair Chance Act; Philadelphia’s Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital One’s recruiting process, please send an email to [email protected]

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).