1750 Tysons (12023), United States of America, McLean, Virginia
SIC Analyst - Principal Assoc
Capital One is looking for talented Information Security Analysts with network security monitoring experience to join our Security Intelligence Center (SIC) in McLean, VA. The Principle Associate level SIC Analyst position will require a deep knowledge of network protocols and infrastructure, log investigation techniques, and incident handling experience. Not only will you need to know about the threats to networks and applications, and theory regarding network protocols, but also the ability to proactively identify signs of misuse and abuse using various log sources.
Your goal is to find the bad guys attempting to attack Capital One infrastructure, and route out and stop any malicious actors who make it past our defenses. You will not be staring at a SIEM hoping to find the actionable alert in a sea of noise; you will not simply be following a script and escalating alerts to a tier 3 team. You will be responsible for investigations from start to finish, and for initiating your own investigations to locate malicious activity. In addition to the technical skills, you will need to be a leader, someone who enjoys training and mentoring teammates, and a person who can encourage and elevate the team.
- At least 3 years of experience conducting Cybersecurity investigations into network and application activity
- At least 2 years of experience working in a Security Operations Center (SOC) with SIEM technology
- At least 2 years of experience analyzing common application and network based attacks
- At least 4 years of experience working with *nix and Windows operating systems
- At least 4 years of experience interpreting, and identifying abuse in, routed and routing protocols and application traffic
- At least 2 years of hands-on experience with coordinating and supporting incident handling and remediation
- At least 3 years of experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)
- At least 2 years of experience with PCAP analysis, including extracting files and content from PCAPs, identifying gzipped content, and base64 detection
- Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, or equivalent military experience
- SANS GIAC 503 or 504 Certifications
- At least 5 years in a Cybersecurity operations role
- At least 1 year of experience configuring security appliances
- At least 1 year of experience developing SIEM alerts and IPS/IDS signatures
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
A little about us:
Headquartered in McLean, Virginia, Capital One® offers a broad array of financial products and services to consumers.