Senior Cyber Intelligence AnalystApply now Job ID R67465 Updated date 02/08/2019 Location Nottingham, England; London, England
At Capital One, we’re building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.
Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.
Capital One performs cybersecurity oversight for third parties to ensure contracted or third parties being assessed as part of onboarding processes, maintain cybersecurity governance, controls, monitoring and response adequate to protect shared data.
Capital One’s Information Assurance Third Party Management (IA TPM) function is building a small team of cyber intelligence analysts to review intelligence related to its contracted third parties and then triage the information using a risk-based model for possible follow-up with our third parties.
This new team will review intelligence gathered from multiple internal and external tools, assess the information for potential cybersecurity concerns, and prepare reports for the third party managers to engage with the third party. We are currently looking for two Principal Associates to provide the support for this new role.
- Maintain an expert knowledge of the Capital One Information Security Policy and Standards, and Information Assurance Third Party Management Procedure.
- Be the subject matter expert for the team of cyber intelligence analysts.
- Review and gather intelligence from multiple externally-hosted tools that may change from time to time to identify trends, anomalies and opportunities for remediation.
- Review alerts and large data sets from multiple externally-hosted tools and analyse and triage this to a align to a predefined risk-based model to identify risk areas of concern or further discussion.
- Develop new methods and mechanisms to extract and present impactful intelligence.
- Using the triaged data, prepare reports to articulate and inform the third party manager and key internal stakeholders on risk matters in order to inform decision making and to potentially take to the third party for reaction and follow-up.
- Drive and influence action leading to the mitigation of risk and the facilitation of safe, secure supplier engagements
- Manage the delivery of others to ensure the achievement of team goals.
- Evaluate cybersecurity related intelligence data following a risk-based model to determine and report on matters that need follow-up with the third party
- Interpret cybersecurity requirements and reasonably apply them to specific situations
- Be agile to quickly perform work when indicators are alerting to critical risks
- Articulate intelligence and risk to key stakeholders and/or customers driving understanding and influence action
- Analyse large unstructured data sets to identify trends, outliers and items for further investigation
- Succinctly communicate complex topics to non-technical audiences with little to no editorial review
- Identify opportunities for process improvement and lead their implementation
- Deliver through others, and develop, challenge and coach them to reach their goals
- Appreciate, reward and elevate great performance
- Bachelor’s degree, relevant military experience, or 4 years of relevant work experience.
- At least 4 years of experience in cybersecurity advisory, cyber architecture, or cyber third party risk management oversight.
- 4 + years experience or familiarity with industry standards or assessment methods (PCI DSS, SIG/AUP, FedRAMP, SOC2 Type 2, NIST 800-53, NIST-CSF).
- 4 + years of cybersecurity experience at a Financial Institution.
- Familiarity with cybersecurity scan vendors (Security Scorecard, Risk Recon, BitSight)Relevant certification (e.g. CISSP, CISA, CRISC, CTPRP).
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com
Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.
Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).