Senior Manager, Information Security Office (ISO) Consultant
Company: Capital One
Location: Richmond
Posted on: November 13, 2024
Job Description:
Center 3 (19075), United States of America, McLean,
VirginiaSenior Manager, Information Security Office (ISO)
ConsultantAs a Capital One Information Security associate, you will
help consult Lines of Business on initiatives, programs, and
projects to raise their game and improve their cyber hygiene. You
are pragmatic and practical in your understanding of risk and
security, but also willing to know when to pull in experts and
escalate. You collaborate and innovate with other teams within
Capital One to push the envelope. You are well versed with Cloud
Service technologies like Storage Services, Security & Access
Control Management, Container Services, and API Implementation and
Management. You have experience with various Cloud computing models
to include IaaS, PaaS, and SaaS along with their architectural
differences. - Security is essential to what we do here, from
protecting our customers to our associates.The Senior Manager, ISO
Consultant will provide cyber security architecture advisory to
accelerate the data management journey at scale for businesses
operating in the cloud. In this role, the responsibilities will
include:Responsibilities:
- -Act as a central Information Security point of contact for the
Capital One Software line of business
- Coordinate and execute proactive Information Security
consulting to the business and technology teams covering
Infrastructure Security, Resiliency, Data Security, Network
Architecture and Design, and User Access Management
- Serve as an expert in Capital One's Information Security
capabilities, solutions, policies, procedures and standards
- Collaborating with enterprise cyber teams and tech architects
in building out strategy and cyber architecture leveraging modern
platforms.
- Support security architecture and implementation needs for
technology modernization efforts -
- Overseeing all cyber related dependencies across the multiple
components being built for the modernization effort.
- Influence customers to leverage security capabilities and
solutions to shift and integrate security to the left in the
development processes
- Escalate and manage cyber security risk
- Support RFP security reviews
- Provide regular updates to executive leadership with your line
of business on the overall Information Security health and risk
environment
- Work with line of business leadership to anticipate their
objectives and needs to better serve the line of business
- Support the team on collectively mapping technologies to a
standardized framework in order to identify and execute on best
practices in risk reduction through the configuration of
cybersecurity tools and platforms.
- Support the development, modification, and use of capability,
risk, or threat classification frameworks and standardization
methodologies to facilitate the conduct of correlative capability,
maturity, and effectiveness evaluations.
- Support data validation and communications on the impact of
identified operational, compliance, process, control, and tooling
gaps and potential remediation courses of action to multiple
audiences, including leadership, to support the enhancement of
their cybersecurity postures. -About You:
- You have a desire to work in a very fast moving, forward
leaning, and modern computing environment
- You have a deep passion for Securing modern computing
platforms
- You have a strong desire to continually learn about new
technologies
- You possess strong conceptual thinking and communication
skills
- You have an ability to challenge assumptions and are
comfortable raising risks to technical stakeholders and executive
leadership
- You are able to work well under minimal supervision
- You are a demonstrated leader with team-oriented interpersonal
skills and the ability to interface effectively with a broad range
of people and roles, including upper management, IT leaders, and
technology vendors
- You maintain calmness and clarity of thought under pressure and
ability to maintain confidentiality
- You have a deep understanding of strategic business objectives
and the ability to drive results toward those objectivesBasic
Qualifications:
- High School Diploma, GED or equivalent certification
- At least 6 years of experience working in cybersecurity or
information technology -
- At least 5 years of experience providing guidance and oversight
of cyber security concepts
- At least 5 years of experience performing cyber security risk
assessments or security architecture reviews
- At least 4 years of experience with cloud securityPreferred
Qualifications:
- Bachelor's Degree
- Experience designing, deploying, securing or managing
foundational AWS cloud services; to include compute, storage,
networking, and identity and access management
- Experience in building or scaling enterprise software products
-
- Experience working as an independent software vendor
- 8+ years of experience in securing a public cloud environment
(e.g. AWS, GCP, Azure)
- Professional certifications such as AWS Certified Solutions
Architect and Certified Information Systems Security Professional
(CISSP)At this time, Capital One will not sponsor a new applicant
for employment authorization, or offer any immigration related
support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1
CPT, J-1, TN, or another type of work authorization).Capital One
offers a comprehensive, competitive, and inclusive set of health,
financial and other benefits that support your total well-being.
Learn more at the -. Eligibility varies based on full or part-time
status, exempt or non-exempt status, and management level.This role
is expected to accept applications for a minimum of 5 business
days.No agencies please. Capital One is an equal opportunity
employer committed to diversity and inclusion in the workplace. All
qualified applicants will receive consideration for employment
without regard to sex (including pregnancy, childbirth or related
medical conditions), race, color, age, national origin, religion,
disability, genetic information, marital status, sexual
orientation, gender identity, gender reassignment, citizenship,
immigration status, protected veteran status, or any other basis
prohibited under applicable federal, state or local law. Capital
One promotes a drug-free workplace. Capital One will consider for
employment qualified applicants with a criminal history in a manner
consistent with the requirements of applicable laws regarding
criminal background inquiries, including, to the extent applicable,
Article 23-A of the New York Correction Law; San Francisco,
California Police Code Article 49, Sections 4901-4920; New York
City's Fair Chance Act; Philadelphia's Fair Criminal Records
Screening Act; and other applicable federal, state, and local laws
and regulations regarding criminal background inquiries.If you have
visited our website in search of information on employment
opportunities or to apply for a position, and you require an
accommodation, please contact Capital One Recruiting at
1-800-304-9102 or via email at . All information you provide will
be kept confidential and will be used only to the extent required
to provide needed reasonable accommodations.For technical support
or questions about Capital One's recruiting process, please send an
email to Capital One does not provide, endorse nor guarantee and is
not liable for third-party products, services, educational tools or
other information available through this site.Capital One Financial
is made up of several different entities. Please note that any
position posted in Canada is for Capital One Canada, any position
posted in the United Kingdom is for Capital One Europe and any
position posted in the Philippines is for Capital One Philippines
Service Corp. (COPSSC).
Keywords: Capital One, Newport News , Senior Manager, Information Security Office (ISO) Consultant, Executive , Richmond, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...