Principal Associate - Detection Engineering
Company: Capital One
Location: Mc Lean
Posted on: April 3, 2026
Job Description:
Principal Associate - Detection Engineering

Capital One’s Cyber Organization is a fast-paced, dynamic environment committed to enabling and securing the business. Our Cyber Operations & Intelligence division is searching for an experienced Individual Contributor (IC), Principal Associate to contribute to our Detection Engineering team. In this role, you will be responsible for solving hard problems using cutting-edge technology in the areas of security testing, engineering, alert development, and monitoring.

Primary Responsibilities:

AI-Driven Detection & Engineering: Leverage LLMs and machine learning to automate detection logic, summarize complex attack chains, and reduce false positives.
Detection-as-Code (DaC): Lead the design and maintenance of detection rules using DaC methodologies, utilizing GenAI assistants to accelerate development and unit testing.
Strategic Architecture: Drive the integration of data science concepts into threat detection and utilize the MITRE ATT&CK framework to visualize and close coverage gaps.
Offensive Alignment & Hunting: Conduct hypothesis-driven threat research and apply a deep understanding of Red Team methodologies to translate attacker TTPs into high-fidelity detections.
Stakeholder & Risk Management: Partner with business leaders to ensure robust monitoring across cloud, network, and applications while ensuring all documentation meets strict fintech compliance and audit standards.
Mentorship: Serve as a technical bar-raiser, mentoring junior engineers on both traditional security concepts and emerging AI-driven workflows.
Ability to conduct proactive threat research across enterprise environments using hypothesis-driven methodologies
Develop and implement best practices to identify malicious activity in a dynamic, fast-paced environment
Understand the business drivers of the enterprise and partner with relevant stakeholders to ensure robust monitoring and expanded coverage across our hosts, networks, and applications.
Demonstrate a deep understanding of adversary techniques and emerging threats that could impact business operations
Respond to inquiries from regulatory entities, risk management and audit teams, providing clear and complete documentation of procedures and workflows
Experience mentoring junior engineers and contributing to a culture of continuous improvement and knowledge sharing
Ability to articulate security risks and detection strategies to technical and executive audiences

About you:

Previous experience with a detection engineering, threat detection, or detection operations team
Extensive experience in SQL
Strong understanding of attacker TTPs, red team methodologies, and translating offensive security insights into detections
Excellent analytical, communication, and leadership skills
Must be able to perform root cause analysis independently or collaboratively with team
Customer service and stakeholder engagement skills
Strong decision-making and strategic thinking in threat detection

Basic Qualifications:

High School Diploma, GED, or equivalent certification
At least 3 years of experience in Information Technology or Cyber Security
At least 2 years of experience with host, cloud, application or network logs
At least 2 years of experience developing alerts for threat detection
At least 2 years of penetration testing or offensive security experience

Preferred Qualifications:

Bachelor’s Degree in Information Technology, Cyber Security or Computer Science or similar programs
4 years of experience in Threat Detection, Threat Hunting, or Security Engineering
4 years of experience with data science concepts and techniques
4 years of experience with Python
1 year of experience in publishing code to GitHub
GCIA, GCIH, CISSP, GMON, GREM, GCTD, MLE, or Cloud (GCP, AWS) certifications

At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer).

The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked.

McLean, VA: $161,800 - $184,600 for Prin Assoc, Cyber Technical
Richmond, VA: $147,100 - $167,900 for Prin Assoc, Cyber Technical

Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate’s offer letter.

This role is also eligible to earn performance-based incentive compensation, which may include cash bonus(es) and/or long-term incentives (LTI). Incentives could be discretionary or non-discretionary depending on the plan.

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

This role is expected to accept applications for a minimum of 5 business days.

No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City’s Fair Chance Act; Philadelphia’s Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com.

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).