Forensics & Incident Response Analyst

Nottingham Trent House (95002), United Kingdom, Nottingham, Nottinghamshire

At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Capital One is committed to diversity in the workplace.

Capital One is the 7th biggest bank in the U.S.A., with over $250B in assets and 60+ million customers. Within the UK, we're proud to say that we're amongst the Top 10 credit card providers, and have been phenomenally successful at specialising in providing credit cards to over 3 million UK customers for over 18 years.

Since our inception we've been a company built on bold, new ideas and an entrepreneurial spirit. Making lives better isn't an idle statement; it's our core vision, and it applies to everything we do. For us, it's a no-brainer. A happy customer is a loyal customer. By bringing ingenuity, simplicity, and, most importantly, humanity to the financial services industry we can succeed in delivering this goal.

In 2017, Capital One is continuing its rapid evolution to grow its business, with a determined focus on 'Accelerating the Digital Journey of Our Customers'. To that end we have evolved the previously very successful IT function into a "Technology" function with a complete focus on internally developed software and a Digital business mind-set across the board.

Information security is essential to maintaining our position as an industry leader, and it is the responsibility of each and every employee to safeguard information, protect it from unauthorised access, and ensure regulatory compliance. Information Security Risk Management has a significant effect on privacy, consumer confidence, and external reputation, and it is a priority on everyone's agenda.

The cornerstone of the Information Security defences of our digital footprint is our Cyber Security Operations Centre (CSOC), where we combine our Security Operations and Cyber Threat Intelligence (CTI) capabilities. Capital One is looking for a talented Digital Forensic Analyst with investigation experience to join our brand new CSOC in Nottingham.

This role will provide support to key partners within Capital One by creating and maintaining detailed documentation; planning, coordinating, and directing data recovery activities; and supporting investigations related to an incident or event.

Job Scope:

  • Operate in a developing Global Cyber Security Operations Centre environment
  • Support real-time computer security incident handling and provide technical forensic examination, analysis and reporting of computer-based evidence, including collecting and analysing intrusion artefacts (e.g. source code, malware, and trojans), and use discovered data to help improve the security posture of the company.
  • Maintain team tools to support incident response and forensic procedures.
  • Serve as subject matter expert and liaison to other internal investigative roles and legal groups by providing hands-on support in reviewing forensic reports and data.
  • Where appropriate, collaborate with external local, national and international incident response teams as needed.
  • Perform analysis of logs from a variety of sources within the enterprise, to include individual host logs, network traffic logs, firewall logs, and intrusion detection system logs.
  • Track and document investigations from initial detection through to final resolution including documenting requests and activities in a case management system.
  • Maintain familiarity with laws and regulations regarding security and forensic procedures and conduct regular reviews to ensure compliance; knowledge of GDPR would be an advantage.

Required Skill Set/Experience:

  • Significant knowledge of forensic tools and procedures
  • Strong ability to analyse information and data
  • Excellent problem-solving and conceptual thinking abilities, especially with technical troubleshooting
  • Strong communication skills with the ability to develop and maintain productive working relationships across a global company and multiple lines of business
  • Ability to manage multiple simultaneous responsibilities


  • Undergraduate degree (or equivalent)
  • Significant experience in incident response and digital forensics with hands-on experience gained
  • Demonstrable experience in the use of industry leading forensics products

Preferred Qualifications:

  • Undergraduate Degree in a Cyber Security related discipline
  • Cyber Computer Forensics Certification: CCE, CHFI, CFCE, GCFA, GCFE, CCFP, EnCE, EnCEP, CISSP, CEH
  • Experience with Guidance Software products
  • Experience with SEIM/SIEM tools
  • Experience investigating in a cloud environment (Amazon Web Services)

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at
