Manager, Cloud Security--Cyber Shared Services

7900 Westpark Drive (12131), United States of America, Tysons, Virginia

At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Manager, Cloud Security--Cyber Shared Services

We are looking for outstanding, passionate and dedicated individual to join our Vulnerability and Configuration management team. This individual will be responsible for efforts to support our enterprise Microservices program, with a focus on cloud (Dockers, ECS and Kubernetes). This position will be responsible for ensuring containers are secured across all cloud platform (AWS, GCP and Azure). The candidate will be responsible for developing standards and controls for managing a secured containers orchestration and deployment pipeline with the Dev Op's team across the enterprise. In addition to monitoring containers vulnerabilities and driving the remediation effort with the LOB's.


  • Expert level experience in deploying and managing cloud platforms (AWS, GCP and Azure)
  • Deploy and implement container security tools i.e. Qualys, TwistLocker
  • Familiar with deployment pipeline tools used by Dev Op's i.e. Jenkins
  • Coordinate with the Dev Op's teams, to drive remediation or provide insight on solution for vulnerabilities.
  • Working knowledge of microservices orchestration tools, i.e. Dockers, ECS and Kubernetes
  • Perform weekly daily scan of all containers host AMI and review the reports
  • Perform regular assessments of container hosts without the Qualys Sensor
  • Work with the LOB's and Dev Op's teams to ensure that all their containers are being scanned and troubleshoot issues
  • Development and maintenance of procedural documentation like standard operating procedures and program documents
  • Provide monthly security-related metrics for executive-level dashboards (Data-Lake) and presentations
  • Excellent organizational skills required to prioritize urgent matters, and track multiple projects
  • Excellent verbal and written communication skills

Basic Qualifications:
  • Bachelors' Degree or military experience
  • At least 5 years of experience working with cybersecurity and information security risks and controls

Preferred Qualifications:
  • At least 3 years' experience with Amazon AWS services, compliance and management
  • At least 3 years' experience with any vulnerability management tool (Qualys)
  • At least 3 years' experience with any Network Configuration management tool
  • At least 3 years' experience of data analytics and reporting
  • Certifications: CCSP, CISSP, Security+, (AWS, GCP and Azure) Associate level certification.

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

Back to top