Senior Cyber Threat Monitoring Engineer

Capital One
McLean, Virginia, United States
May 25, 2023
Jun 24, 2023
Full Time
Center 1 (19052), United States of America, McLean, Virginia

Senior Cyber Threat Monitoring Engineer

Capital One is a diversified bank that offers a broad array of financial products and services to consumers, small business and commercial clients. We nurture a work environment where people with a variety of thoughts, ideas and backgrounds, guided by our shared values, come together to make Capital One a great company and a great place to work.

Security is essential to what we do at Capital One, from protecting our customers to our associates. As part of the Information Security Officer team for a line of business, you are passionate about security monitoring and risk management. You see security as an enabler and differentiator to enable the business through innovation, not a step in the compliance process. You work with the business to help them achieve security monitoring in an efficient and cost effective manner. You are pragmatic and practical in your approach to security monitoring, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope.

  • Participate in Threat Surface analysis and monitoring use case development across divisional business applications
  • Partner with business application teams to assess their logging capabilities to enable new monitoring/alerting features. Assist with onboarding to security monitoring platforms
  • Develop, test and deploy alerting capabilities
  • Drive the development of playbooks that enable alerting response in a manner consistent with enterprise incident management standards
  • Monitor alerts generated and engage in incident and case management process to drive remediation and root cause analysis activities
  • Participate in on-call rotation as needed to respond to alerts outside normal business hours
  • Create reporting for division's monitoring program to provide insight into performance and threat trends

About You:
  • You have a desire to work in a very fast moving, forward leaning, modern computing environment
  • You have a strong desire to continually learn and innovate
  • You are a strong conceptual thinker
  • You can work well under minimal supervision
  • You have team-oriented interpersonal skills and the ability to interface effectively with a broad range of people, roles, and levels of management
  • You have strong written and verbal communication skills
  • You maintain calmness and clarity of thought under pressure and demonstrate the ability to maintain confidentiality
  • You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives

Basic Qualifications:
  • High School Diploma, GED, or equivalent certification
  • At least 4 years of experience conducting Cyber Security investigation and documentation
  • At least 4 years of experience working Standard Query Language Queries and SIEM Technologies
  • At least 4 years of experience with system, cloud, application and network logs
  • At least 3 years of experience using scripting or computer programming languages (Bash, PowerShell, Python)
  • At least 4 years of experience analyzing and identifying network traffic
  • At least 1 year experience in developing Cybersecurity Alerting playbooks for web-based applications
  • At least 1 year experience working Cybersecurity frameworks (OWASP, NIST, MITRE ATT&CK)

Preferred Qualifications:
  • 5+ years of experience conducting Cyber Security investigations into network and application activity
  • 5+ years of experience working in a Security Operations Center (SOC)
  • 5+ years of experience administering or investigating Mac OS, Linux OS
  • 5+ years of experience leveraging core security, cloud, and infrastructure technologies during investigations
  • 5+ years of experience application development
  • One or more of the following certifications (CISSP, CISM, CCSP, Security+, CEH, SANS GIAC 503 or 504, AWS Security Specialty, OSCP, OSWE)

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

No agencies please. Capital One is an Equal Opportunity Employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, physical and mental disability, genetic information, marital status, sexual orientation, gender identity/assignment, citizenship, pregnancy or maternity, protected veteran status, or any other status prohibited by applicable national, federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital One's recruiting process, please send an email to

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Similar jobs