דרושים Dir Information Security Officer ב-Capital One ב-United States, Arlington

Security Operations Specialist I, Principal Coordinator

Responsibilities:

• Respond to incoming security concerns and track outcomes.

• Monitor a wide network of security alarms and cameras to identify and resolve threats

• Synthesize large amounts of information quickly

• Create a comprehensive records of security-related incidents

• Coordination of routine and critical incident communications

• Understand the proper use of security related tools and procedures

• Escalate to supervisors when appropriate

• Implement security and access control procedures

Basic Qualifications:

• At least 3 years of experience with customer service

• At least 1 year of security operations experience

• At least 1 year of experience with Microsoft Office or Google Suite

Preferred Qualifications:

• 3+ years of experience in the security field

• 1+ year of experience with emergency communication operations

• 1+ year of experience with situational awareness tools (ex: NC4, VCC)

McLean, VA: $62,500 - $71,300 for Prin Coord, Security Services

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Principal Associate, Workplace Security - Global Workplace Services

The ideal candidate should:

• Demonstrate exceptional communication and interpersonal skills across levels, driving action and decisions that are grounded, clear and concise, and influence outcomes

• Possess the skill to not only prioritize multiple tasks concurrently, avoiding compromising quality, efficiency, and impact, consistently delivering high-value outcomes

• Adapts to change, embraces bold ideas, and is intellectually curious. Likes to ask questions, test assumptions, and challenge conventional thinking.

• Learn how to navigate the organization, anticipate and address concerns with fact-based options

• Be autonomous in role, demonstrate in-depth safety and security knowledge, and provide lift for team by apply and sharing expertise

• Appropriately discern and manage information, synthesize multiple data points, and be comfortable working in white space

• Act with integrity, model growth mindset behavior, and consistently prioritize the “big picture” over self-interest

• Grounds severity of issues, recommends practical solutions, and adapts as priorities shift

• Fosters collaboration, motivates others, and leverages team strengths to drive shared success

• Have a passion for safety and security and how it influences culture and the environment

• Thrive in a fast-paced environment that involves working independently and collaborating with others

• Manage escalated and crisis situations with calm resolve and well managed counsel

Operational Excellence

• Oversee day-to-day safety and security operations for corporate sites within area of responsibility, to include managing third-party security providers responsible for guard services and physical security

• Oversee safety and security incidents, serve as the point of contact between security, and provide security consulting for internal customers

• Leverage and analyze data to assess and determine security and safety trends while developing and deploying risk mitigation strategies

• Conduct regional vulnerability assessments that ensure Capital One LOBs and corporate facilities are compliant with corporate standards, industry requirements and regulations pertaining to safety and security

• Collaborate with security and workplace service teams to align corporate site and security objectives, and support evolving business needs

• Plan and oversee security for corporate events, including risk assessments, resource coordination, and on-site support to ensure safe and secure environments

• Partner closely with the Senior Manager of Workplace Security and extended Global Workplace Services team to execute against strategic operational objectives

• Implement and lead life safety programming, including emergency drills, training, and preparedness initiatives, to ensure safety and regulatory compliance

Project & Program Management

• Lead and contribute to multi-stakeholder projects and initiatives, with a clear focus on outcomes, aligning objectives with organizational priorities and regional needs

• Drive projects based on defined priorities; ensure scope of deliverables, timelines and budget are met; identify risks and issues and mitigate and / or escalate as needed

• Proactively identify and mitigate risks and issues, escalating to stakeholders as needed and proposing solutions

Relationship & Partnership Management

• Maintain relationships with law enforcement, fire departments, subject matter experts and relevant industry professionals

• Build and maintain strong relationships with key partners (i.e. Facilities, Security Tech, GSOC, Executive Protection, etc)

• Serve as a key liaison with internal stakeholders and business partners needing real-time safety and security support

• Understand customer and stakeholders needs, seek feedback, and deliver solutions that simplify and enhance the customer experience

Basic Qualifications:

• Bachelor’s degree or military experience

• At least 5 years of corporate security, safety and security operations, threat management, law enforcement or combination of equivalent experience

• At least 4 years of program or project management experience

Preferred Qualifications:

• Certified Protection Professional (CPP) or Physical Security Professional (PSP)

• At least 7 years of safety and security operations, security consulting, law enforcement leadership experience

• At Least 7 years managing safety and security operations across multiple locations

• At least 5 years experience with security technology and related systems to include access control, alarms, and CCTV camera systems

McLean, VA: $102,700 - $117,200 for Pr Associate, Security ServicesThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Senior PKI Security Engineer

Key Responsibilities:

• Lead or participate in complex or high-severity troubleshooting and incident resolution with infrastructure teams and vendors

• Analyze, design, and implement PKI, certificate, and security solutions

• Translate business needs into effective technology solutions for internal customers

• Act as a project lead or team member on PKI, certificate, and security-related projects

• Monitor and resolve all levels of PKI and Certificate incident queue issues

• Create, review, approve, and implement changes to the PKI and Certificate environment

• Analyze the current PKI and Certificate environment to identify and resolve technical and operational challenges

• Lead complex PKI and Certificate incidents, changes, or upgrades

• Represent the Crypto Services team on global incident management calls, interacting with technical teams, customers, and vendors

• Analyze data and identify trends for root cause analysis and service improvement

• Participate in capacity planning, performance monitoring, and maintenance to ensure high availability and proactively identify service improvement opportunities

• Lead PKI and Certificate efforts for periodic disaster recovery exercises

• Effectively communicate technical challenges to both technical and non-technical audiences

• Participate in an off-hours on-call support rotation

Basic Qualifications:

• High School Diploma, GED or equivalent certification

• At least 3 years of Information Technology experience

• At least 2 years of experience with Public Key Infrastructure (PKI) certificate

• At least 2 years of experience with certificate management protocols

• At least 2 years of experience with Online Certificate Status Protocol (OCSP) and Certificate Revocation Lists (CRLs)

Preferred Qualifications:

• Bachelor's degree

• AWS Certification

• 2+ years of experience in Python

• 3+ years of Entrust PKI experience

• 3+ years of Multi-Factor Authentication (MFA) experience

• 3+ years of UNIX experience

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer).

McLean, VA: $158,600 - $181,000 for Prin Assoc, Cyber Technical New York, NY: $173,000 - $197,400 for Prin Assoc, Cyber Technical Plano, TX: $144,200 - $164,600 for Prin Assoc, Cyber Technical Richmond, VA: $144,200 - $164,600 for Prin Assoc, Cyber Technical San Jose, CA: $173,000 - $197,400 for Prin Assoc, Cyber TechnicalThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Responsibilities:

• Be a leader at a premiere technology and financial services company

• Lead a team of Product Security advisory professionals, responsible for Divisional cyber strategy integration and execution, identification and management of risk for top business initiatives and technology platforms, threat and vulnerability management, incident management, supply chain cyber risk management, cyber risk oversight and reporting.

• Deliver Cyber agenda and integration of Information Security within business objectives for line of business area

• Serve as the central point of contact for your line of business technology executives into Capital One’s Cyber risk management priorities

• Educate and influence executive leadership and associates to effectively leverage security capabilities and solutions to mitigate risks and emerging threats

• Provide security expertise on prioritizing and managing information security risks and initiatives

• Escalate and manage cyber security risk

• Provide regular updates to executive leadership with your line of business on the overall information security health and risk environment

• Work with business leadership to anticipate their objectives and needs to better serve them

• Be an advocate for security and an advocate for the business and digital innovation. Instills a culture that works toward the highest standards in cyber (safeguard the business) while ensuring that business requirements are understood and adhered to (enabling the business).

• Plays a key leadership role within Cyber’s community of leaders, drives innovation activity as an outcome; partner extensively with other Cyber and Technology organizations to derive solutions enabling industry leading products

• Build relationships and influence with risk management functions across lines of defense

• Become knowledgeable and advise on Capital One’s Cyber’s services, policies, procedures and standards

• Staying current on the changing regulatory environment and understanding the impacts to the organization

• Recruits, develops, and retains top talent, and uses excellent people leadership skills.

• Build your team to provide top-notch information security and risk management expertise and guidance

About You:

• You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including business executives, technology leaders, and enterprise suppliers

• You are a focused individual who thrives in a fast-paced, dynamic, and collaborative team environment.

• You have a deep passion for securing forward leaning, modern computing platforms

• You have intuitive knowledge and experience with Offensive and Defensive Security techniques

• You are comfortable with technologies and innovation including, Generative AI, Data Lakes, Cloud Services, Containers, Microservices, Serverless, APIs, DevOps, Encryption and Zero Trust

• You have a strong desire to continually learn about new technologies

• You enjoy leveraging your engineering experience to problem solve and continually learn new technology concepts to solve issues.

• You display strong judgment, data/risk based decisioning, leadership, integrity, and communication skills.

• You are able to tailor communications and analysis to the intended audience.

• You have a passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions.

• You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality

• You are able to work well under minimal supervision

• You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives

• You have the ability to describe the risks of a security exposure or vulnerability in business-impact terms

Basic Qualifications:

• Bachelor's degree

• At least 9 years of experience in Information Security

• At least 7 years of experience in people management

• At least 5 years of experience with cyber policies, standards, and procedures

• At least 5 years of experience in securing public cloud environments and services (AWS, GCP, Azure)

Preferred Qualifications:

• Masters degree or PhD in Computer Science, Information Systems, or Engineering

• 10+ years experience in technology and cybersecurity risk

• 8+ years experience in leading applications security, vulnerability management and incident response

• 8+ years experience performing security risk assessments

• 5+ years experience in security automation and integrating security into software development pipelines

• 5+ years experience working with industry frameworks and compliance requirements (NIST CSF, FFIEC CAT, CIS RAM, FAIR, PCI DSS)

• 3+ years experience with information technology audit or compliance management

• 2+ years in payment security including securing digital payments and payment cryptography

• 2+ years experience utilizing agile methodologies within DevOps environments

• Industry-recognized professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), AWS Certified Solutions Architect, Certified Information Security Manager (CISM)

• 4+ years experience in a regulated environment

• 2+ years experience in financial services industry

McLean, VA: $308,700 - $352,300 for Sr. Dir, Cyber Technical Plano, TX: $280,600 - $320,200 for Sr. Dir, Cyber Technical Richmond, VA: $280,600 - $320,200 for Sr. Dir, Cyber TechnicalThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Dir, Information Security Officer

Director, Information Security Officer, you will lead security for one of our key lines of business. You will work with business and technology partners to achieve goals and objectives in a secure manner with a heavy forward lean on modern software and technology architectures. At Capital One, you will help advise on strategic initiatives, programs, and projects to create business value in a risk-based and agile manner. You will build and lead a team of talented and experienced Information Security professionals delivering product security advisory services to a line of business portfolio. You are pragmatic and practical in your understanding of security and associated risks, but also willing to know when to collaborate with experts and escalate as required. You believe in making the secure way easy and see yourself as an advocate in the value of data driven business decisions and products. You are comfortable with modern software, big data ecosystems, and cloud based technologies as well as associated protective methods.

Responsibilities:

• Be a leader at a premiere technology and financial services company

• Build cybersecurity strategy tailored for the line of business, partnering closely with business leaders, the Divisional CIO, and cybersecurity leaders across the company.

• Lead a team of Product Security advisory professionals, responsible for Divisional cyber strategy integration and execution, identification and management of risk for top business initiatives and technology platforms, threat and vulnerability management, incident management, supply chain cyber risk management, cyber risk oversight and reporting.

• Deliver Cyber agenda and integration of Information Security within business objectives for line of business area

• Serve as the central point of contact for your line of business technology executives into Capital One’s Cyber risk management priorities

• Educate and influence executive leadership and associates to effectively leverage security capabilities and solutions to mitigate risks and emerging threats

• Provide security expertise on prioritizing and managing information security risks and initiatives

• Escalate and manage cyber security risk

• Provide regular updates to executive leadership with your line of business on the overall information security health and risk environment

• Work with business leadership to anticipate their objectives and needs to better serve them

• Plays a key leadership role within Cyber’s community of leaders, drives innovation activity as an outcome; partner extensively with other Cyber and Technology organizations to derive solutions enabling industry leading products

• Build relationships and influence with risk management functions across lines of defense

• Become knowledgeable and advise on Capital One’s Cyber’s services, policies, procedures and standards

• Staying current on the changing regulatory environment and understanding the impacts to the organization

• Recruits, develops, and retains top talent, and uses excellent people leadership skills.

• Build your team to provide top-notch information security and risk management expertise and guidance

About You:

• You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including business executives, technology leaders, and enterprise suppliers

• You are a focused individual who thrives in a fast-paced, dynamic, and collaborative team environment.

• You have a deep passion for securing forward leaning, modern computing platforms

• You are comfortable with technologies and innovation including Generative AI, Data Lakes, Cloud Services, Containers, Microservices, Serverless, APIs, DevOps, Encryption and Zero Trust

• You have a strong desire to continually learn about new technologies

• You enjoy leveraging your engineering experience to problem solve and continually learn new technology concepts to solve issues.

• You display strong judgment, data/risk based decisioning, leadership, integrity, and communication skills.

• You are able to tailor communications and analysis to the intended audience.

• You have a passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions.

• You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality

• You are able to work well under minimal supervision

• You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives

• You have the ability to describe the risks of a security exposure or vulnerability in business-impact terms

Basic Qualifications:

• Bachelor's degree

• At least 7 years of experience in Information Security

• At least 5 years of experience in people management

• At least 5 years of experience with cyber policies, standards, and procedures

• At least 5 years of experience in securing public cloud environments and services (AWS, GCP, Azure)

Preferred Qualifications:

• Masters degree or PhD in Computer Science, Information Systems, or Engineering

• 10+ years experience in information technology and cybersecurity

• 7+ years experience in leading applications security, vulnerability management and incident response

• 7+ years experience performing security risk assessments

• 5+ years experience working with industry frameworks and compliance requirements (NIST CSF, FFIEC CAT, CIS RAM, FAIR, PCI DSS)

• 2+ years experience utilizing agile methodologies within DevOps environments

• Industry-recognized professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), AWS Certified Solutions Architect, Certified Information Security Manager (CISM)

• 4+ years experience in a regulated environment

• 2+ years experience in financial services industry

• 2+ years of experience with modern Payment network security technologies

• 2+ years of experience in security integration for Mergers and Acquisitions

Chicago, IL: $239,900 - $273,800 for Director, Cyber Technical McLean, VA: $263,900 - $301,200 for Director, Cyber Technical New York, NY: $287,800 - $328,500 for Director, Cyber TechnicalThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Manager, Information Security Office Consultant

Responsibilities:

• Act as a central point of contact for your line of business to the rest of Capital One’s Information Security and Risk Management

• Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management

• Serve as an expert in Capital One’s Information Security capabilities, solutions, policies, procedures and standards

• Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes

• Escalate and manage cyber security risk

• Provide ad hoc support on special Information Security hot topics for the business

• Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment

• Work with line of business leadership to anticipate their objectives and needs to better serve the line of business

About You:

• You have a desire to work in a very fast moving, forward leaning, and modern computing environment

• You have a deep passion for Securing modern computing platforms

• You have a strong desire to continually learn about new technologies

• You possess strong conceptual thinking and communication skills

• You are able to work well under minimal supervision

• You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors

• You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality

• You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives

Basic Qualifications:

• High School Diploma, GED, or equivalent certification

• At least 4 years of experience providing guidance and oversight of Security concepts

• At least 3 years of experience performing security risk assessments and security architecture reviews

• At least 3 years of experience with Architecture design, software design, networking or Cloud infrastructure

Preferred Qualifications:

• Bachelor’s Degree

• 6+ years of experience with Architecture design, software design, networking or Cloud infrastructure

• 4+ years of experience in securing a public cloud environment (AWS, GCP, or Azure)

• 2+ years of experience utilizing Agile methodologies

• 2+ years of experience in Enterprise Monitoring

• 2+ years of experience with technologies supporting finance, fintech, banking, payment cards, or a related domain

• 2+ years of experience with web and mobile application security, and solid understanding of the OWASP Top Ten

• 2+ years of experience with security testing, such as penetration testing, red teaming, vulnerability scanning, SAST and DAST

• 2+ years of scripting or programming experience (Python, SQL, PHP, PowerShell)

• Professional certifications such as AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP)

McLean, VA: $193,400 - $220,700 for Manager, Cyber Technical New York, NY: $211,000 - $240,800 for Manager, Cyber Technical Richmond, VA: $175,800 - $200,700 for Manager, Cyber TechnicalThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

Manager, Security Operations

Manager, Security Operations. The Manager, Security Operations will serve as the physical security subject matter expert supporting Capital One’s Retail Line of Business, which includes more than 300 locations throughout the United States. The successful candidate will possess the following:

• Strategic thinker

• Problem-solving and leadership skills

• A deep understanding of risk management

• Detail oriented and proactive in effectively managing security incidents

• Highly collaborative to build trusted relationships with internal and external stakeholders

• Effective communication skills, both written and verbal

• Project management skills

• Organizing and planning skills

• Ability to work independently as a member of the Retail Security team with responsibility for the Washington, DC, Virginia, and Maryland markets.

• Be flexible and adaptable

Key Responsibilities:

• Provide strategic consultation and solutions that mitigate physical and safety risks on local, regional and enterprise levels.

• Design, develop, and execute controls, tests, and programs to ensure Capital One retail locations are compliant with physical security requirements, exceed industry standards, and meet all necessary regulations to include the Bank Protection Act (BPA) ensuring the safety and security of associates, contractors, and customers.

• Proactively identify and mitigate risk.

• Quickly respond to and manage security incidents.

• Successfully manage security projects and initiatives.

• Partner with internal and external stakeholders, creating robust, trusted relationships to deliver the best in class safety and physical security program.

• Create proactive plans to engage and secure senior management alignment for safety and security initiatives that support the Retail business model and maintain business continuity.

• Partner with the Life Safety team, Retail Operations and other stakeholders to deliver training programs to educate Retail associates on security best practices and protocols.

• Actively participate in stakeholder and leadership meetings with clear and organized communication to provide physical security and incident response subject matter expertise.

• Deploy and manage contract guard resources within the assigned Area of Responsibility.

• Review and analyze data to assess and determine security and safety trends while developing and deploying risk mitigation strategies.

• Manage escalated and crisis situations with calm resolve and well managed counsel.

• Build and maintain partnerships with law enforcement, subject matter experts, and relevant industry professionals.

This role will require travel within the United State at approximately 20% of the time. You will also work in an on-call status outside normal business hours and weekends.

Basic Qualifications:

• Bachelor’s Degree or military experience

• at least 7 years of experience in multi-site retail security, physical security, or law enforcement with a proven track record of managing security operation

• At least 7 years of experience building and leveraging relationships with law enforcement, industry, and physical security subject matter experts

• at least 3 years in a leadership role

• at least 5 years experience with security design and build protocols and best practices

Preferred Qualifications:

• Industry certifications such as CPP, PSP, or similar

• 8+ years law enforcement experience or liaison/engagement experience with law enforcement

• 5+ years experience executing tabletop exercises, rehearsal of concept drills, mock exercises, or similar

• 5+ years experience with security technology and related systems to include access control, alarms, and CCTV camera systems

McLean, VA: $126,700 - $144,600 for Manager, Security ServicesThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.