Cyber Security Threat Intelligence Analyst

About this role

Capital One is looking for a talented Cyber Security Threat Intelligence Analyst to join our Active Defense team.

This role plays an integral part in protecting our customers, our associates, and our brand. The team it belongs to helps identify, track, and collect adversarial tactics, techniques, and procedures (TTPs), and indicators of compromise.

The role is very much involved in the fight against threats and by identifying and responding to malpractices such as brand impersonations, spoofed domains, and phishing attempts, it aides with our strides toward program maturity.  Other areas of responsibility are assisting in tactical investigations, operational planning and communicating that information in a meaningful way with partners, stakeholders, and leadership. 

The position requires technical knowledge of network protocols and infrastructure, understanding of cloud infrastructures, and cyber threats to those networks, and applications. We are looking for the ability to work cross-functionally and understanding of how to produce intelligence products to support business requirements that allows us to proactively identify areas for cooperation. We are looking for a candidate with excellent communication skills, which allows for the effective managing or triaging of collection workflows.

This role sits as part of an exciting and dynamic environment and will play a key role in building detections designed to defend Capital One brand, systems and data.

What you’ll do

• Produce intelligence products analyzing cyber adversary trends and the impact to Capital One’s consumer products and defenses

• Proactively monitor, collect and leverage intelligence from external data sources gather intelligence from deep and dark web, and other OSINT sources

• Assist countermeasures development through integration of threat intelligence and operational data.

• Create and iterate on workflows synthesizing data from sources such as malware infections, cyber attack patterns, and closed and open-source intelligence

• Connect with stakeholders; understand their priority needs for collaboration 

What we’re looking for What we’re looking for

• Experience producing intelligence products to combat cyber threats or conducting investigations into cybercrime, or advanced persistent threats

• Experience in evaluating cyber adversaries, technical indicators of compromise (IOCs), and cyber tactics, techniques and procedures (TTPs)

• Experience with vendors and external resources used to collect cyber intelligence in the financial services space

• Experience collecting against intelligence requirements and applying intelligence cycle principles to cyber threat analysis

• Experience with cloud concepts and resources (AWS, Azure, Google Cloud Platform)

• Experience analyzing attack vectors such as account takeovers, synthetic account creation, malware infections, phishing kits, and session or cookie hijacking

• Experience performing OSINT Social Media research

• Ability to understand computer networking concepts