Capital One Principal Associate Enterprise Cyber Exercises 

United States, Virginia, Arlington 

418265023

Principal Associate, Enterprise Cyber Exercises

Key Responsibilities:

• Support Exercise Leads to design and implement cyber scenarios addressing organizational risks and regulatory requirements.

• Collaborate with Cyber, Tech, and Risk Office stakeholders to identify critical risks and customize scenarios to address business-specific needs.

• Assist in crafting detailed exercise materials including facilitation slides, scripts, injects, and participant guides.

• Help facilitate discussion during tabletop exercises to engage participants and gather insight for post-exercise analysis.

• Provide logistical and technical support throughout the exercise design lifecycle, including scheduling core planning meetings, documenting observations, tracking injects, and ensuring smooth exercise execution.

• Assist in developing after-action reports (AARs), capturing key findings, lessons learned, and corrective actions.

• Contribute to the continuous improvement of the cyber exercise program by identifying opportunities for enhancement and working with Engineering SMEs to develop automation solutions.

• Stay up-to-date on emerging cyber threats, exercise methodologies, and regulatory updates to ensure Capital One cyber exercises remain relevant and impactful.

Basic Qualifications:

• Bachelor’s Degree

• At least 3 years of experience in cybersecurity or incident response

• At least 3 years of experience designing or facilitating cyber exercises, tabletop discussions, or crisis management scenarios.

• At least 2 years of experience with frameworks such as HSEEP, NIST CSF, or MITRE ATT&CK

• At least 2 years of experience in information security, business continuity, disaster recovery, or information technology concepts.

Preferred Qualifications:

• 4+ years direct exercise design and execution experience

• 4+ years of experience in cyber threat intelligence, incident response processes, and business continuity planning.

• 2+ years of experience using G-suite products (docs, slides, sheets)

• 2+ years of experience working in the financial sector or other highly regulated industries

• One or more of the following certifications: Security+, HSEEP, CISSP, CISM, CRISC, or CBCP.

• Strong organizational skills, attention to details, and ability to manage multiple priorities.

• Excellent written and verbal communication skills, including experience presenting to stakeholders and senior leadership.

McLean, VA: $127,500 - $145,500 for Prin Assoc, Cyber Risk & Analysis Richmond, VA: $115,900 - $132,200 for Prin Assoc, Cyber Risk & Analysis Plano, TX: $115,900 - $132,200 for Prin Assoc, Cyber Risk & AnalysisThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.