Principal Penetration Testing

7900 Westpark Drive (12131), United States of America, McLean, Virginia

At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Principal Penetration Testing

The Capital One Penetration Test team reduces cyber risk by uncovering vulnerabilities and weaknesses in the cyber environment through coordinated ethical hacking and penetration testing scenarios. This position reports up through the Director of the Offensive Security group and works closely with team members to plan, coordinate, execute, and report on sophisticated ethical hacking exercises to identify cyber vulnerabilities and reduce the risk posture of enterprise systems. This role will be responsible for performing invasive security assessments to make recommendations to senior management on effective solutions. The group's main focus is targeting infrastructure components such as new hardware and software solutions, IoT devices, ICS, and other ecosystems to discover and exploit vulnerabilities.

The successful candidate for this position will be apart of an exciting and dynamic environment to build and deliver industry leading ethical hacking capabilities to continuously protect and defend Capital One brand, systems, and data. The Penetration Test team is a function within the Offensive Security group and is apart of the Cyber Operations & Intelligence program.

Basic Qualifications:

  • Bachelor's degree
  • At least 3 years of information security experience
  • At least 2 years of experience with scripting languages
  • At least 2 years of experience with network penetration testing
  • At least 2 years of experience with offensive tools and frameworks


Preferred Qualifications:
  • Relevant Certification: OSCE, OSWP, GPEN, GWAPT, GMOB, GAWN, GXPN, CREST
  • Relevant Certification: Offensive Security Certified Professional (OSCP)
  • Cloud testing experience
  • Mobile testing experience
  • Contributor to the information security community
  • 1+ year of experience with threat modeling concepts and frameworks like MITRE ATT&CK, STRIDE, DREAD, FAIR


At this time, Capital One will not sponsor a new applicant for employment authorization for this position


Back to top