
SIEM Analytics Developer

Capital One


Location:
McLean, VA
Date:
07/20/2017
2017-07-20 to 2017-08-19
Job Code:
capitalone2-R30184
Categories:
  • Management

Job Details

Company Capital One

Job Title: SIEM Analytics Developer

JobID: capitalone2-R30184

Location: McLean, VA, 22106, USA

Description: McLean 1 (19050), United States of America, McLean, Virginia



At Capital One, we’re building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.



Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.



SIEM Analytics Developer



Capital One (yes, the “what’s in your wallet?” company!) is rethinking the way the world approaches banking. We’re experimenting, innovating, and delivering breakthrough experiences at https://youtu.be/YWHZOx0YTc0 for 65 million customers. We love to be curious, to dream, and ask “What if?” Oh, and we love to write code at https://developer.capitalone.com/ , and not to brag, but we’re also a great place to work! at http://beta.fortune.com/best-companies/capital-one-financial-corporation-17



You will develop SIEM analytics and integrations to be deployed across Capital One lines of business. You will also be adept at developing advanced SIEM correlation rules, reports and dashboards to detect emerging threats.



+ Manage, develop and tune the scripts that integrate SIEM

+ Create technical documentation around the content deployed to the SIEM

+ Monitor the impact of deploying new content to the health and performance of the SIEM

+ Lead logging enrollments from multi-tier applications into the enterprise logging platforms

+ Develop specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow

+ Develop advanced scripts for manipulation of multiple data repositories to support analyst requirements

+ Develop advanced reports to meet the requirements of key stakeholders

+ Develop scalable security management tools and processes

+ Engineer, configure and deploy Enterprise SIEM/SEM solutions

+ Develop automation for security tools management

+ Collaborate with application owners to define and establish logging standards to address various governance requirements



You will ensure our security infrastructure and tools are strategically and operationally aligned to support the enforcement of information security policy and standards in both on-premise and cloud environments.



If you have deployed and managed a large SIEM deployment, you must have an excellent understanding of SIEM concepts and enterprise logging standards, and we’d love to know which SIEM system you’ve used if it’s not the Elastic Stack. You’ll also be a Splunk authority who enjoys showing off excellent Python, PowerShell and Unix shell scripting skills. Additionally, you will be a cyber security leader who has partnered closely with red team/blue team operations. If you love working with data sources such as HIDS/HIPS, WAFs, IDS/IPS, AV, firewalls and web proxies to unearth key information, you’ll likely be in an environment that keeps you problem solving and learning every day while you apply your knowledge of web application architectures and web services!



**Basic Qualifications** :



+ Bachelor’s Degree or Military Experience

+ At least 3 years’ experience in Technical Leadership

+ At least 3 years’ experience with the Elastic Stack

+ At least 2 years of experience performing risk assessments, secure network architecture, and vulnerability management

+ At least 5 years of network security and system security experience, supporting security event management tools (SIEMs)



**Preferred Qualifications:**



+ Bachelor’s Degree in Information Technology or Information Security

+ 7+ years of experience in information security or networking

+ 3+ years’ experience scripting

+ 3+ years’ experience supporting a Cloud environment

+ 2+ years’ experience using Agile Scrum methodologies

+ Experience working with Big Data Platforms/non-relational databases

+ Experience working on a Red Team and/or Blue Team

+ Experience developing data analytics / anomaly detection algorithms

+ Certified in, or intending to pursue, one of the following certifications or an equivalent: CISA, CISSP, CRISC, C|EH, CISM, AWS Solutions Architect Associate



At this time, Capital One will not sponsor a new applicant for employment authorization for this position.


