Capital One Cyber Threat Detection Security Testing Principal Associate 

United States, Virginia, Richmond 

472231802

Cyber Threat Detection (Security Testing), Principal Associate

Primary Responsibilities:

• Emphasis of this position will be in detecting MITRE ATT&CK techniques with a security testing or pentesting methodology

• Utilize offensive security testing to identify detection gaps, improve existing coverage, and scale detection capabilities across the enterprise

• Conduct detection validation, ensure alerts are tested, and manage effectiveness of processes and reporting

• Ability to conduct proactive threat research across enterprise environments using hypothesis driven methodologies

• Develop and implement best practices to identify malicious activity in a dynamic, fast-paced environment

• Understand the business drivers of the enterprise and partner with relevant stakeholders to ensure robust monitoring and expanded coverage across our hosts, networks, and applications

• Demonstrate a deep understanding of adversary techniques and emerging threats that could impact business operations

• Respond to inquiries from regulatory entities, risk management and audit teams, providing clear and complete documentation of procedures and workflows

• Experience mentoring junior engineers and contribute to a culture of continuous improvement and knowledge sharing

• Ability to articulate security risks and detection strategies to technical and executive audiences

About You:

• Extensive experience in SQL programming

• Strong understanding of attacker TTPs, red team methodologies, and translating offensive security insights into detections

• Excellent analytical, communication, and leadership skills

• Must be able to perform root cause analysis independently or collaboratively with the team

• Experience in cybersecurity detection engineering, SIEM tuning, and rule validation

• Ability to perform synthetic testing, black-box testing, and automated validation of detections

• Customer service and stakeholder engagement skills

• Strong decision-making and strategic thinking in threat detection

• Proven experience working in a Security Operation Center (SOC)

Basic Qualifications:

• High School Diploma, GED, or equivalent certification

• At least 3 years of experience in Information Technology or Cyber Security

• At least 2 years of experience with host, cloud, application, or network logs

• At least 2 years of experience developing alerts for threat detection

• At least 2 years of pentesting or offensive security experience

Preferred Qualifications:

• Bachelor's Degree

• 4+ years of experience in Threat Detection, Threat Hunting, or Security Engineering

• 4+ years of experience with data science concepts and techniques

• 4+ years of experience with Red Teaming or Penetration Testing Tools and Techniques

• 2+ years of experience with Python

• OSCP, CEH, GIAC, GCIH, GCFA, or GREM certification

McLean, VA: $158,600 - $181,000 for Prin Assoc, Cyber Technical Richmond, VA: $144,200 - $164,600 for Prin Assoc, Cyber TechnicalThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.