Center 3 (19075), United States of America, McLean, VirginiaInsider Threat Exit Risk Program LeadCapital One is looking for an Insider Threat Exit Risk Program Lead to join the Cyber Insider Threat and Technical Investigations (IT&TI) program. As an Insider Threat Exit Risk Program Lead in the Exit Risk Mitigation (XRM) team, you will provide program-level planning, support, and directional guidance to drive the XRM program's objectives for the monitoring, detection, triage, analysis, and investigation of departing associates. Candidates should be able to manage case workflows, understand investigative analyses and findings, identify program-level needs and plan and implement processes to accomplish them, and exercise attention to detail and discretion in sensitive investigative matters. Candidates should also thrive in a cross-functional and dynamic environment, where coordination with partner teams and stakeholders is required. General Responsibilities:Perform programmatic planning and development support for XRM program maintenance and growth, in coordination with the IT&TI Program Team and leadership, as the XRM scope expandsUnderstand the XRM program controls and processes for enhanced monitoring and access controlsUnderstand the XRM and IT&TI investigative processes, with focus on the XRM analyst team triage and analysis of activity data of exiting associates against insider threat alerts and referrals from partner teamsDevelop and maintain XRM program plans and documentation, exercising attention to detail and sound technical, interpersonal, and organizational judgmentEffectively communicate with IT&TI teammates and leadership, other Cyber teams, and partners and stakeholders in HR, the Office of Corporate Investigations (OCI), Legal, and othersDevelop, follow, and maintain process 'playbooks' of various operational investigative workflowsIdentify trends, gaps, and opportunities for process or alert improvement, and raise or present these issues to Insider Threat team leads for resolutionIdentify and enhance processes where automation will improve efficiencyExercise discretion and professionalism when dealing with associate-based investigations and inquiries and other sensitive mattersWork with alerting and monitoring technologies and other log sources available to the Cyber Operations and Intelligence Teams to refine investigation sequence and proceduresUse technology, infrastructure, and operational processes to enable a more effective user-based threat detection and investigation programStrong communication skills with the ability to manage responsibilities across multiple areas and projectsExcellent problem-solving and conceptual thinking skills, especially with process and technical troubleshootingStrong ability to develop and communicate recommendations to non-technical associates in business areasBasic Qualifications:High School Diploma, GED, or equivalent certificationAt least 4 years of experience working in cybersecurity or information technologyAt least 2 years of experience with project or program managementAt least 2 years of experience analyzing information and data, and documenting and communicating the findings or outcomesPreferred Qualifications:Bachelor's Degree2+ years of experience supporting cyber investigations, incidents, data security events, and incident response or management2+ years of experience in insider threatCFCE, CCE, GCIA, GCIH, Security+, CFCE, EnCE, CISM, or CISSPAt this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization).Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.This role is expected to accept applications for a minimum of 5 business days.No agencies please.
Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace.
Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at
or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable technical support or questions about Capital One's recruiting process, please send an email to Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).