Manager – Information Security Office Consultant
| Company | Capital One |
|---|---|
| Location | McLean, VA, USA, Richmond, VA, USA, New York, NY, USA |
| Salary | $175800 – $240800 |
| Type | Full-Time |
| Degrees | |
| Experience Level | Mid Level, Senior |
Requirements
- High School Diploma, GED or equivalent certification
- At least 4 years of experience working in cybersecurity or information technology
- At least 1 year of experience providing guidance and oversight of Security concepts
- At least 1 year of experience performing security risk assessments and security architecture reviews
- At least 1 year of experience with architecture, software design, networking, and cloud infrastructure
Responsibilities
- Act as a central Information Security point of contact for your line of business
- Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management
- Serve as an expert in Capital One’s Information Security capabilities, solutions, policies, procedures and standards
- Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes
- Escalate and manage cyber security risk
- Provide ad hoc support on special Information Security hot topics for the business
- Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment
- Work with line of business leadership to anticipate their objectives and needs to better serve the line of business
Preferred Qualifications
- Bachelor’s Degree
- 1+ year of experience in securing a public cloud environment (e.g. AWS, GCP, Azure)
- 1+ year of experience with integrating and securing SaaS products in an Enterprise Environment
- 1+ year of experience with securing endpoints (Mac, Windows, iOS, Android)
- Experience building software utilizing public cloud (e.g. AWS, GCP, Azure)
- Familiarity with Cloud patch management practices such as system rehydration and image management
- Experience utilizing Agile methodologies
- Experience with Software Security Architecture
- Experience with Application Security
- Experience with Threat Modeling
- Experience with Penetration Testing and/or Vulnerability Management
- Experience with securing Container services
- Financial services industry experience
- Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP)
- Experience in Offensive and/or Defensive Security techniques
- Experience in a regulated environment