Cyber Protection, Threat Surface Analysis Manager

Capital One
  • Location
    McLean, Virginia
  • Sector
  • Experience
    Early Career / Mid Career
  • Posted
    Jul 09

Position description

At Capital One, we’re building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.                                               

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.



Cyber Protection, Threat Surface Analysis Manager



Capital One is looking for a passionate, motivated and intelligence-savvy Cyber Security practitioner to join our Threat Surface Analysis team as a Third Party Threat Analyst.


At Capital One, the Threat Surface Analysis (TSA) team is a proactive early warning capability that identifies and disrupts advanced internal and external cyber threats targeting business-critical infrastructure and systems, intellectual property, partners, and associates.


Threat Surface Analysis is seeking a Third-Party Threat Analyst to use intelligence and counterintelligence research, analytical, and writing skills to investigate some of Capital One’s most critical third- and fourth-party partners for potential and existing counterintelligence threats and to concisely and precisely present that analysis to our partners in Cyber and across the enterprise. 


Successful candidates in this role will have excellent critical thinking and analytic skills, the ability to collaborate across an organization, possess background knowledge of major state-backed cyber actors and their strategic goals, precise and concise writing skills, and the ability to make subtle, nuanced distinctions and analysis regarding risk and threat.



  • Use your intelligence experience to research, analyze, and write assessments on the counterintelligence risks stemming from potential and current supply chain partners

  • Partner with Cyber Threat Intelligence to maintain an understanding of nation-state actors’ strategic goals and how they pursue those goals through cyber operations

  • Partner with Information Assurance Third Party Management to ensure TSA’s intelligence products fulfil their requirements

  • Create and maintain effective working partnerships with our partners in Third Party Management

  • Use existing special tools and databases to expand TSA’s ability to provide early warning of cyber supply chain threats

  • Deliver written assessments and presentations to our partners in Cyber related to cyber counterintelligence and supply chain threats

  • Seek opportunities to innovate to deliver more precise or effective analysis, as well as operational value-add to Cyber Operations and Intelligence

  • Be a self-starter, and able to function effectively in a complex fast paced environment


  • Bachelor’s Degree or military experience

  • At least 3 years of experience in Insider Threat or Threat Intelligence in the government or private industry

  • At least 3 years of experience with cyber threat analysis and mitigations

  • At least 3 years of experience with cyber threat vectors, threat actor tactics, techniques, and procedures, as well as knowledge of the “Big Four” nation-state cyber threat actors 

  • At least 5 years of experience in conveying Cyber Security threat or other threat information to business stakeholders to influence key decisions


Preferred Qualifications:

  • Master’s Degree in fields such as Computer Science, Cyber Security, Information Systems, International Relations, and Engineering 

  • A least one Cyber Security industry certification: CISSP,CISM, CEH, SEC+ 

  • 5+  years of Insider Threat or Threat Intelligence experience

  • 5+ years of experience with cyber threat analysis and mitigations

  • Experience in conveying Cyber Security threat to business stakeholders to influence key decisions

  • Excellent oral and written communication skills

Application instructions

Please be sure to indicate that you saw this position on