Capital One
Sr. Cyber Cloud Security Engineer
Capital One, Richmond, Virginia, United States, 23214
Center 3 (19075), United States of America, McLean, VirginiaSr. Cyber Cloud Security Engineer
Capital One is seeking a technical expert in Cloud Security to execute on cyber strategy, while playing a key role in assessing, challenging and advising on infrastructure, platform, and software services in the cloud.The Ideal candidate will display a strong understanding of industry best practices in the Cloud including governance, engineering, architecture and networking. You will collaborate closely with associates in Cyber, Technology, the lines of Business, and risk management offices. You will evaluate and make recommendations to bolster and secure Capital One's cloud governance, engineering, architecture and on fun controls and practices. In addition, you will provide recommendations to teams regarding ways to safeguard Capital One's Information Assets by contributing to the identification, analysis, solutioning of new or emerging cyber-based threats impacting our cloud environments. You believe that a core component of security's role is to enable the business, not just to secure it, and the solutions you bring to life are aligned to the needs of our developer community and business partners. You thrive in working in a fast paced, technologically forward leaning environment and are not afraid to push the boundaries of security capabilities. You feel at home in the cloud and are an expert in delivering cloud-native security solutions.In this role you will:Design, architect, and help implement Cloud Security Architecture to modernize our cloud.Assess cloud service offerings from AWS, Microsoft Azure, or Google Cloud Platform (GCP) to identify threats, risks, and controls to secure the service.Encourage innovation, implementation of cutting-edge technologies, outside-of-the-box thinking, teamwork, and self-organization to find efficiencies in our cloud security assessment process.Lead threat modeling of cloud services.Participate in management of the overall Cloud Control Inventory, Procedure documents, Cloud Service Catalog and Service Adoption Framework (SAF) Reports.Perform content and quality assurance reviews of Cloud Controls Exceptions and SAF assessments to provide risk-based recommendations.Stay current on emerging Cloud computing vulnerabilities, threats, controls, and potential implications for Capital One.Operate as a trusted advisor for cloud services helping junior team members and developers understand threats and risk mitigation options for cloud services.Collaborate effectively with colleagues, stakeholders, lines of business and leaders across multiple organizations to achieve Capital One Cloud Security objectives.Define cloud control intent through Policy-As-Code (PaC) using Rego Policy Language.Participate in the testing of control design and feasibility study (both manually and through automation) prior to the roll out of Cloud services for enterprise-wide consumption.Basic QualificationsHigh School Diploma, GED or Equivalent CertificationAt least 4 years of experience in Cyber SecurityAt least 2 years of cloud experience with AWS, Microsoft Azure, or Google Cloud PlatformPreferred Qualifications:Bachelor's Degree in Computer Science or Engineering5+ years of experience delivering cloud security solutions3+ years of experience in agile deliverySolutions architect or developer certification from AWS, GCP or AzureIndustry recognized security certifications (CISSP, CSCP, or equivalent certifications)At this time, Capital One will not sponsor a new applicant for employment authorization for this position.Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.This role is expected to accept applications for a minimum of 5 business days. No agencies please.
Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law.
#J-18808-Ljbffr
Capital One is seeking a technical expert in Cloud Security to execute on cyber strategy, while playing a key role in assessing, challenging and advising on infrastructure, platform, and software services in the cloud.The Ideal candidate will display a strong understanding of industry best practices in the Cloud including governance, engineering, architecture and networking. You will collaborate closely with associates in Cyber, Technology, the lines of Business, and risk management offices. You will evaluate and make recommendations to bolster and secure Capital One's cloud governance, engineering, architecture and on fun controls and practices. In addition, you will provide recommendations to teams regarding ways to safeguard Capital One's Information Assets by contributing to the identification, analysis, solutioning of new or emerging cyber-based threats impacting our cloud environments. You believe that a core component of security's role is to enable the business, not just to secure it, and the solutions you bring to life are aligned to the needs of our developer community and business partners. You thrive in working in a fast paced, technologically forward leaning environment and are not afraid to push the boundaries of security capabilities. You feel at home in the cloud and are an expert in delivering cloud-native security solutions.In this role you will:Design, architect, and help implement Cloud Security Architecture to modernize our cloud.Assess cloud service offerings from AWS, Microsoft Azure, or Google Cloud Platform (GCP) to identify threats, risks, and controls to secure the service.Encourage innovation, implementation of cutting-edge technologies, outside-of-the-box thinking, teamwork, and self-organization to find efficiencies in our cloud security assessment process.Lead threat modeling of cloud services.Participate in management of the overall Cloud Control Inventory, Procedure documents, Cloud Service Catalog and Service Adoption Framework (SAF) Reports.Perform content and quality assurance reviews of Cloud Controls Exceptions and SAF assessments to provide risk-based recommendations.Stay current on emerging Cloud computing vulnerabilities, threats, controls, and potential implications for Capital One.Operate as a trusted advisor for cloud services helping junior team members and developers understand threats and risk mitigation options for cloud services.Collaborate effectively with colleagues, stakeholders, lines of business and leaders across multiple organizations to achieve Capital One Cloud Security objectives.Define cloud control intent through Policy-As-Code (PaC) using Rego Policy Language.Participate in the testing of control design and feasibility study (both manually and through automation) prior to the roll out of Cloud services for enterprise-wide consumption.Basic QualificationsHigh School Diploma, GED or Equivalent CertificationAt least 4 years of experience in Cyber SecurityAt least 2 years of cloud experience with AWS, Microsoft Azure, or Google Cloud PlatformPreferred Qualifications:Bachelor's Degree in Computer Science or Engineering5+ years of experience delivering cloud security solutions3+ years of experience in agile deliverySolutions architect or developer certification from AWS, GCP or AzureIndustry recognized security certifications (CISSP, CSCP, or equivalent certifications)At this time, Capital One will not sponsor a new applicant for employment authorization for this position.Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.This role is expected to accept applications for a minimum of 5 business days. No agencies please.
Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law.
#J-18808-Ljbffr