Network Operations Firewall/Cyberattack Response Engineer
Plano 1 (31061), United States of America, Plano, Texas
At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.
Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.
Network Operations Firewall/Cyberattack Response Engineer
We're Capital One.
We started Capital One with a simple principle - attract great talent and give them the opportunity to be great.
Founded in 1988, we harnessed the power of big data to create customized products that disrupted the credit card industry. Our associates have used our information-based strategy to build a great company, bringing breakthrough banking products and services to consumers, small businesses, and commercial clients.
From humble beginnings, we've quickly become an industry leader. Today we're the nation's leading digital bank with more than 65-million customers and 40,000 associates worldwide.
We're Capital One Technology.
Technology is central to Capital One's goal. Our engineers are creating solutions that are driving the future of banking.
At Capital One, you won't be some IT person fixing things. You'll be at a technology company building things. You'll be part of a big group of makers, breakers, doers and disruptors, who love to solve real problems and meet real customer needs. We want you to be curious. We want you to ask "what if?"
We may look like a bank, but we think like a tech company. A different kind of tech company. A tech company that writes its own code, develops its own software, and builds its own products. A tech company that engineers breakthrough customer experiences, bringing simplicity and humanity to banking. A tech company that's making a difference for 65 million customers.
At Capital One, data is at the center of everything we do. When we launched as a startup, we disrupted the credit card industry by individually personalizing every credit card offer using statistical modeling and the relational database, cutting-edge technology in 1988! Fast-forward a few years, and this little innovation and our passion for data has skyrocketed us to a Fortune 125 company and a leader in the world of data-driven decision-making. Developing cutting-edge technology takes the culmination and collaboration of bright, talented people, and forward-thinking leadership. We nurture a work environment where people with a variety of thoughts, ideas and backgrounds, guided by our Shared Values, come together to make us one of the "100 Best Companies to Work For."
We are actively seeking highly creative and intellectually curious Technology Professionals who are passionate about network security to join our team! This is an opportunity to display knowledge of your craft by having a hand in designing and building large scale firewall environments, honing our cyberattack response efforts and showcasing your expert level troubleshooting skills. Our firewall environment and cyberattack response efforts play a major role in protecting both our company and our customers, so ensuring optimal performance of the environment is critical. You will be an integral part in advancing the culture of technical excellence within Capital One, and helping our associates create experiences that will delight millions of customers!
On any given day you will:
- Tenaciously manage environment to ensure it is operating at optimal levels through proactive monitoring/tuning.
- Drive incident and problem resolution as a Tier 3 escalation resource - leveraging strengths of other associates as needed to identify actions which will lead to resolution of operational issues and problems.
- Consult with other technology support groups as part of problem resolution efforts
- Analyze firewall policies and configurations; identify/implement needed firewall policy changes
- Implement new platforms, code versions, and features to meet lifecycle management and business requirements
- Assess security vulnerabilities, identify mitigation plans and successfully implement them
- Contribute to enterprise strategy development/design standard development efforts
- Create and/or maintain standards documentation, design documentation/templates/ topology diagrams and workflow documents
- Participate in technology integration efforts with other engineering and support teams
- Ensure compliance with departmental and enterprise security configuration standards
- Serve as mentor and technical resource to more junior associates; train other associates through one-on-one or group technical discussions.
- Manage and govern relationships with technology vendors
- Provide direct support of audit and ad hoc consulting engagements
Successful candidates will possess:
- Strong to advanced knowledge of large scale Checkpoint firewall environment design, including MLM, CLM, CMA, MDS components in addition to gateways
- Strong to advanced knowledge of large scale Palo Alto firewall environment design, including Panorama, Global Protect and heavy app-ID utilization
- Strong knowledge of Distributed Denial of Service (DDoS) protection measures that can be implemented on network security devices
- Understanding of Interior Gateway Routing protocols (e.g., OSPF, EIGRP), Border Gateway Protocol (BGP) configuration, BGP peering, BGP route advertisements, prefix-lists and route-maps
- High level understanding of multi-tiered application traffic flow, server load balancing, global load balancing, and routing
- Operational experience with firewall technologies, including hardware refresh, software testing, software upgrades, and complex troubleshooting techniques
- Experience with Checkpoint and Palo Alto firewalls, including advanced rule base design, rule base optimization, global/shared objects, and DDoS protection measures (IPS)
- Strong knowledge of incident management, problem management, and change management best-practices
- A solid understanding of what comprises a scalable, robust, supportable design
- Very strong verbal and written communication skills due to the need to communicate extensively with remote team members, vendors and leadership
- Experience using network management tools and packet captures to resolve operational issues - Automation skills. You know how to script and automate.
- A belief that standardization and automation is the path to happiness
- A bias toward action, along with an internal drive for continuous improvement
- Curiosity. You ask why, you explore, you're not afraid to blurt out your crazy idea. It didn't really kill the cat.
- No fear. Big, undefined problems and operational issues don't frighten you. You can work at a tiny crack until you've broken open the whole nut and then clearly explain the issue in a manner that people who aren't as knowledgeable in your area of expertise can understand.
- A passion for teamwork
- Working knowledge of current scripting languages
- Ability to work in a flexible work environment and multiple locations as needed
This position can be located in McLean, VA or Plano, TX.
This position is an operational role. As such, periodic late night maintenance work and participation in an on-call rotation will be required.
- High school diploma, GED, equivalent certification or military experience
- At least 2 years' experience in technical leadership of IT projects involving network security or at least 2 years' experience supporting an enterprise network infrastructure
- At least 4 years' operational experience with firewall technologies
- At least 4 years' experience with Checkpoint firewalls
- Bachelor's degree
- CCSA (Check Point Certified Security Administrator) Certification,
- CCSE (Check Point Certified Security Expert) Certification
- CCSM (Check Point Security Master) Certification
- ACE (Accredited Configuration Engineer) Certification
- PCNSE (Palo Alto Networks Certified Network Security Engineer) Certification
- 4 years' experience in technical leadership of IT projects involving network security or 4 years' experience supporting an enterprise network infrastructure
- 6 years' operational experience with firewall technologies
- 4 years' experience with Palo Alto firewalls
- 3 years' experience with Check Point firewalls
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
Back to top