Sr. Manager – Mobile Application Security

Towers Crescent (12066), United States of America, Vienna, Virginia

At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Sr. Manager – Mobile Application Security

The Digital Products Engineering team is responsible for building consumer mobile applications including the Capital One Mobile Banking app and Mobile Wallet app. Our award-winning apps enable our 45 million customers to manage their Credit Card, Bank, Auto Loan, Home Loan and Investing accounts. The apps are also mobile e-commerce platforms, enabling new customer and account origination.

Protecting our customer's sensitive financial information is our top priority. We are looking for someone to continue to push the state-of-the-art in mobile application security and to integrate these solutions into our best-in-class mobile applications. Our goal is to provide the best possible customer experience, and we will settle for nothing less. If Diffie–Hellman key exchange is your thing, then please get in touch with us!


  • Driving and iterating on a mobile application security program, working closely with several development teams to integrate security practices into a number of mobile applications throughout the agile development cycle.
  • Work continuously with product, design, & engineering teams to identify application security requirements as applications continue to grow and evolve.
  • Grow and provide SME level leadership in iOS and Android mobile client and API security.
  • Collaborating with other security & risk organizations within the company to develop the mobile application security strategy.
  • Evaluating application development and implementation activities for vulnerabilities and perform penetration testing.
  • Monitoring new security trends, tools, & technologies.
  • Develop and maintain relationships with vendors and 3rd party partners.
  • Manage stakeholders through regular meetings, communication, and presentations.
  • Recruit new engineering security talent and represent the Capital One brand through conference speaking and public writing

Basic Qualifications:

  • At least 5 total years of professional software experience
  • At least 5 years of security program management experience, covering activities like penetration testing, static analysis, and dynamic testing policies and procedures.
  • At least 5 years of experience evaluating and addressing security vulnerabilities with iOS (Swift, Objective-C), Android (Java) apps and their server side API's.
  • At least 5 years of experience with mobile app hacking tools (decompilers, proxies, etc) like Hopper, IDA, and Charles Proxy.

Preferred Qualifications:

  • Bachelors and Masters Degree in Computer Science or related field.
  • 1 year of experience implementing PCI-DSS compliance.
  • 3 years of designing secure data transmission and data at rest protocols.
  • 3 years of building mobile apps for either Android or iOS and corresponding server side API's.
  • 2 years of experience securing single page websites and web apps.
  • 2 years of experience with agile

Capital One will consider sponsoring a new qualified applicant for employment authorization for this position.

No agencies please. Capital One is an Equal Opportunity Employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, physical and mental disability, genetic information, marital status, sexual orientation, gender identity/assignment, citizenship, pregnancy or maternity, protected veteran status, or any other status prohibited by applicable national, federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at

Meet Some of Capital One's Employees

Ryan P.

Head Of Design

Ryan and his team of designers and developers work at The Shop, a combined technology workshop and retail hub, to create meaningful financial products and services.

Emma S.

Product Manager

On Capital One’s exploratory Research and Development Group, Emma takes consumer-driven products from white space to market with innovative and interactive user-testing lab experiments.

Back to top