What are the responsibilities and job description for the Principal Associate, Cyber - Cloud Platform Security position at Capital One?
Capital One is seeking a technical expert in Cloud Security to execute on cyber strategy, while playing a key role in assessing, challenging and advising on infrastructure, platform, and software services in the cloud. The ideal candidate will display a strong understanding of industry best practices in the Cloud including governance, engineering, architecture and networking. You will collaborate closely with associates in Cyber, Technology, the lines of Business, and risk management offices. You will evaluate and make recommendations to bolster and secure Capital One’s cloud governance, engineering, architecture and networking controls and practices. In addition, you will provide recommendations to teams regarding ways to safeguard Capital One’s Information Assets by contributing to the identification, analysis, solutioning of new or emerging cyber-based threats impacting our cloud environments.
You believe that a core component of security’s role is to enable the business, not just to secure it, and the solutions you bring to life are aligned to the needs of our developer community and business partners. You thrive in working in a fast paced, technologically forward leaning environment and are not afraid to push the boundaries of security capabilities. You feel at home in the cloud and are an expert in delivering cloud-native security solutions.
In This Role You Will:
Execute independent Cloud Controls validation to determine if controls requirements are adequately and correctly implemented by application teams across various lines of business.
Participate in management of the overall Cloud Control Inventory, Procedure documents, Cloud Service Catalog and Service Adoption Framework (SAF) Reports which all serve as inputs to the cloud controls validation program.
Assess the overall Cloud Platform Security (CPS) Programs, identify gaps in the process and recommend areas of improvement.
As the CPS first line of defense, perform content and quality assurance reviews of Cloud Controls Exceptions and provide risk-based recommendations.
As the Owner of the Cloud Controls Module, generate routine and Ad-hoc exception reports for stakeholders which include but are not limited to Auditors, Senior Management, regulatory agencies and others.
Stay current on emerging Cloud computing vulnerabilities, threats, controls, and potential implications for Capital One.
Collaborate effectively with colleagues, stakeholders, lines of business and leaders across multiple organizations to achieve Capital One Cloud Security objectives.
Prepare the CPS for audit readiness through coordination with all relevant teams to ensure that all auditable or Provided by Client (PBC) items are readily available in an accessible repository prior to the official audit kickoff.
Participate in the testing of design effectiveness (both manually and through automation) prior to the roll out of Cloud services for enterprise-wide consumption.
Basic Qualifications
High School Diploma, GED or Equivalent Certification
At least 2 years of experience in Cyber Security
At least 2 years of experience with AWS, Microsoft Azure, or Google Cloud Platform
Preferred Qualifications:
Bachelor's Degree in Computer Science or Engineering
3 years of experience delivering cloud security solutions
2 years of experience in agile delivery
AWS solutions architect or developer certification
Industry recognized security certifications (e.g.: CISSP, CSCP, or equivalent certifications)
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
No agencies please. Capital One is an Equal Opportunity Employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, physical and mental disability, genetic information, marital status, sexual orientation, gender identity/assignment, citizenship, pregnancy or maternity, protected veteran status, or any other status prohibited by applicable national, federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City’s Fair Chance Act; Philadelphia’s Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com
Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.
Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
