Principal Associate, Cyber Controls Monitoring Analyst
Company: Capital One
Location: Mc Lean
Posted on: April 4, 2026
|
|
|
Job Description:
Principal Associate, Cyber Controls Monitoring Analyst As a
Principal Analyst within the Cyber Controls Monitoring Team (Cyber
CMT), you will operate at the intersection of GRC and engineering
to approach control assurance as a product, not a periodic
exercise. You won’t just report on data; you will build the
automated measurements of Capital One’s security posture. Your
primary responsibility is to develop, produce, and maintain
automated health metrics for Cyber controls within our enterprise
reporting platform by transforming raw telemetry data into
real-time insights that prevent security process degradation before
it becomes a significant risk. Key Responsibilities: Metric
Engineering: Collaborate with cross functional teams and execute
control walkthroughs to understand operations, identify data
sources across disparate systems, and translate control
designs/requirements into health metrics ETL Pipeline Development:
Design, develop, test, implement end-to-end data pipelines and
metrics using Python and SQL based on control requirements
Technical Troubleshooting: Manage the full lifecycle of the control
health metrics to maintain, debug, troubleshoot, and govern
production pipelines Stakeholder Engagement: Collaborate with
Control SMEs and Accountable Executives (AEs) to define metrics and
threshold logic, gain approval of control metrics, and facilitate
remediation/escalation steps upon threshold breach Continuous
Improvement: Provide recommendations for enhancing control
effectiveness and mitigating risks based on data-driven insights
Basic Qualifications: High School Diploma, GED, or equivalent
certification At least 3 years of experience in data analysis in a
compliance, audit, or risk management environment At least 2 years
of experience in data manipulation and analysis At least 2 years of
experience with SQL and Python At least 2 years of experience with
version control (Git) and Continuous integration and continuous
deployment Preferred Qualifications: Bachelor's Degree 5 years of
experience in data analysis in a compliance, audit, or risk
management environment 4 years of experience developing metrics for
a continuous controls monitoring program or a controls portfolio 4
years of experience developing config-driven data pipelines
end-to-end including analytical SQL (CTEs, window functions),
Python-based transformations (Pandas), REST API integration (OAuth,
pagination), and inline data quality validation 3 years of
experience with regulatory requirements and control frameworks
(NIST 800.53, SOX, or COSO) 3 years of experience with an
understanding of how security controls operate in practice
including control types, execution patterns, and common failure
points 3 years of experience connecting control monitoring to the
underlying risks and threat scenarios that the control is designed
to address At this time, Capital One will not sponsor a new
applicant for employment authorization, or offer any immigration
related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT,
F-1 CPT, J-1, TN, or another type of work authorization). The
minimum and maximum full-time annual salaries for this role are
listed below, by location. Please note that this salary information
is solely for candidates hired to perform work within one of these
locations, and refers to the amount Capital One is willing to pay
at the time of this posting. Salaries for part-time roles will be
prorated based upon the agreed upon number of hours to be regularly
worked. McLean, VA: $161,800 - $184,600 for Prin Assoc, Cyber
Technical New York, NY: $176,500 - $201,400 for Prin Assoc, Cyber
Technical Richmond, VA: $147,100 - $167,900 for Prin Assoc, Cyber
Technical Candidates hired to work in other locations will be
subject to the pay range associated with that location, and the
actual annualized salary amount offered to any candidate at the
time of hire will be reflected solely in the candidate’s offer
letter. This role is also eligible to earn performance based
incentive compensation, which may include cash bonus(es) and/or
long term incentives (LTI). Incentives could be discretionary or
non discretionary depending on the plan. Capital One offers a
comprehensive, competitive, and inclusive set of health, financial
and other benefits that support your total well-being. Learn more
at the Capital One Careers website . Eligibility varies based on
full or part-time status, exempt or non-exempt status, and
management level. This role is expected to accept applications for
a minimum of 5 business days. No agencies please. Capital One is an
equal opportunity employer (EOE, including disability/vet)
committed to non-discrimination in compliance with applicable
federal, state, and local laws. Capital One promotes a drug-free
workplace. Capital One will consider for employment qualified
applicants with a criminal history in a manner consistent with the
requirements of applicable laws regarding criminal background
inquiries, including, to the extent applicable, Article 23-A of the
New York Correction Law; San Francisco, California Police Code
Article 49, Sections 4901-4920; New York City’s Fair Chance Act;
Philadelphia’s Fair Criminal Records Screening Act; and other
applicable federal, state, and local laws and regulations regarding
criminal background inquiries. If you have visited our website in
search of information on employment opportunities or to apply for a
position, and you require an accommodation, please contact Capital
One Recruiting at 1-800-304-9102 or via email at
RecruitingAccommodation@capitalone.com . All information you
provide will be kept confidential and will be used only to the
extent required to provide needed reasonable accommodations. For
technical support or questions about Capital One's recruiting
process, please send an email to Careers@capitalone.com Capital One
does not provide, endorse nor guarantee and is not liable for
third-party products, services, educational tools or other
information available through this site. Capital One Financial is
made up of several different entities. Please note that any
position posted in Canada is for Capital One Canada, any position
posted in the United Kingdom is for Capital One Europe and any
position posted in the Philippines is for Capital One Philippines
Service Corp. (COPSSC).
Keywords: Capital One, Sterling , Principal Associate, Cyber Controls Monitoring Analyst, IT / Software / Systems , Mc Lean, Virginia
