Cyber Security Operations Center Analyst

McLean 1 (19050), United States of America, McLean, Virginia

At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Capital One is looking for talented Cyber Security Analysts with traditional network security and cloud infrastructure monitoring experience to join our Cyber Security Operations Center (CSOC) in McLean, VA. The Senior Associate level CSOC Analyst position will require a deep knowledge of network protocols and infrastructure, log investigation techniques, knowledge/understanding of cloud infrastructures, and incident handling experience. You will need not only knowledge of the threats to networks, applications, and cloud infrastructure and of the theory regarding network protocols, but also the ability to proactively identify signs of misuse and abuse using various log sources.

It is your responsibility to find the threat actors attempting to attack the Capital One infrastructure, and to root out and stop any malicious actors who make it past our defenses. You will not be staring at a SIEM hoping to find the actionable alert in a sea of noise; you will not simply be following a script and escalating alerts to a tier 3 team. You will be responsible for investigations from start to finish, and for initiating your own investigations to locate malicious activity. In addition to the technical skills, you will need to be a leader, someone who enjoys training and mentoring teammates, and a person who can encourage and elevate the team.

Basic Qualifications:

  • Bachelor's Degree
  • At least 2 years of experience conducting Cyber Security investigations into network, cloud, and application activity
  • At least 2 years of experience using system, cloud, application, and network logs to identify the root cause of issues
  • At least 2 years of experience interpreting, and identifying abuse in, routed and routing protocols, cloud, and application traffic
  • At least 2 years of experience with PCAP analysis, including extracting files and content from PCAPs, identifying gzipped content, base64 detection, cloud based investigations, and cloud network traffic analysis

Preferred Qualifications:

  • Bachelor's Degree in Information Technology, Cyber Security, Computer Science
  • 3+ years of experience conducting Cyber Security investigations into network and application activity
  • 2+ years of experience working in a Security Operations Center (SOC)
  • 2+ years of experience working with SIEMs and evaluating SIEM alerts
  • 2+ years of experience leveraging core security, cloud, and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)
  • Security+ or C|EH certified
  • SANS GIAC 503 or 504 Certifications
  • AWS Security Certification

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
