DLP Response Engineer
DLP Response Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Were excited to be looking for someone to join our Cyber Data Loss Prevention Security Operations team. As part of the overall Cyber Insider Threat & Technical Investigations organisation youll be working alongside industryleading experts providing support and driving risk reduction.
As a candidate for this role youre able to use your prior experience in working with SIEMs alerts and teams of analysts to design and build effective detections investigate cases and escalate where appropriate. You are naturally curious and stay on top of emerging trends and threats. You are not afraid to question any existing processes and solutions yet you display a keen sense of business value proposition and focus on the right priorities. You are a clear thinker thrive in working across teams and an expert in dealing with ambiguity. You believe that a core component of securitys role is to enable the business not just to secure it and the solutions you bring to life are aligned to the needs of our developer community and business partners. You thrive in working in a fast paced technologically forwardleaning environment and are not afraid to push the boundaries of security capabilities.
What youll do
Respond to DLP alerts and escalations at Capital One from our suite of DLP tooling.
Build maintain and monitor alerting surrounding DLP triggers and Insider Threats.
Assist in creating catalogs detailing response processes and procedures.
Work to help develop follow and maintain playbooks which provide a visual depiction of various operational response workflows.
Identify and enhance processes where automation has the potential to improve efficiency.
Understand technology infrastructure and operational processes in order to enable a more effective response process.
Work closely with other team members to build each others understanding up.
Work with large datasets to notice trends and opportunities giving us a datadriven approach to risk.
We are committed to creating a level playing field and seek to create teams that are representative of our customers and the communities we serve. Wed love to hear from you if you identify with a typically underrepresented group in our industry and are particularly keen to hear from women the LGBTQ community and ethnic minority candidates.
Where and how youll work
What were looking for
Expert knowledge of cyber investigations (incident response incident management alerting) preferably as part of a SOC.
Experience design and build alerting for SIEM rules before and have evaluated their effectiveness over time.
Experience of investigating internal users (insider threats).
Experience of: Python SQL and SOC alerting (preferably DLP).
Awareness of different DLP tools including nuances between channels (ie. Web Email etc).
Ability to implement critical thinking writing and briefing.
Where and how youll work
This is a permanent position based in either our London or Nottingham Head Office.
We have a hybrid working model so youll be based in our office 3 days a week on Tuesdays Wednesdays and Thursdays and can work from home on Monday and Friday.
Many of our associates have flexible working arrangements and were open to talking about an arrangement that works for you.
Whats in it for you
Bring us all this and youll be well rewarded with a role contributing to the roadmap of an organisation committed to transformation
We offer high performers strong and diverse career progression investing heavily in developing great people through our Capital One University training programmes (and appropriate external providers)
Immediate access to our core benefits including pension scheme bonus generous holiday entitlement and private medical insurance with flexible benefits available including seasonticket loans cycle to work scheme and enhanced parental leave
Openplan workspaces and accessible facilities designed to inspire and support you. Our Nottingham headoffice has a fullyserviced gym subsidised restaurant mindfulness and music rooms. In London you can heighten your mood with a run on our rooftop running track or an espresso at the Workshop Coffee caf
What you should know about how we recruit
We pride ourselves on hiring the best people not the same people. Building diverse and inclusive teams is the right thing to do and the smart thing to do. We want to work with top talent: whoever you are whatever you look like wherever you come from. We know its about what you do not just what you say. Thats why we make our recruitment process fair and accessible. And we offer benefits that attract people at all ages and stages.
We also partner with organisations including the Women in Finance and Race At Work Charters Stonewall and upReach to find people from every walk of life and help them thrive with us. We have a whole host of internal networks and support groups you could be involved in to name a few:
REACH Race Equality and Culture Heritage group focuses on representation retention and engagement for associates from minority ethnic groups and allies
OutFront to provide LGBTQ support for all associates
Mind Your Mind signposting support and promoting positive mental wellbeing for all
Women in Tech promoting an inclusive environment in tech
EmpowHER network of female associates and allies focusing on developing future leaders particularly for female talent in our industry
Capital One is committed to diversity in the workplace.
If you require a reasonable adjustment please contact All information will be kept confidential and will only be used for the purpose of applying a reasonable adjustment.
For technical support or questions about Capital Ones recruiting process please send an email to
Capital One does not provide endorse nor guarantee and is not liable for thirdparty products services educational tools or other information available through this site.
Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
Employment Type
Full-Time
