I am...

Role Summary

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences.  You are enthusiastic about enabling developers to securely develop software efficiently. Security is essential to what we do here, from protecting our customers to our associates.

• Act as a central Information Security point of contact for Delivery Experience teams
• Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management
• Serve as an expert in Capital One’s Information Security capabilities, solutions, policies, procedures and standards
• Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes
• Escalate and manage cyber security risk
• Provide ad hoc support on special Information Security hot topics for the business
• Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment
• Work with line of business leadership to anticipate their objectives and needs to better serve the line of business

Basic Qualifications:

• High School Diploma, GED or equivalent certification
• At least 6 years of experience working in cybersecurity or information technology
• At least 5 years of experience providing guidance and oversight of cyber security concepts
• At least 5 years of experience performing security risk assessments or security architecture reviews
• At least 5 years of experience with software design, networking, or cloud infrastructure
• At least 4 years of experience with cloud security engineering

Preferred Qualifications:

• Bachelor’s Degree
• 5+ year of experience in securing a public cloud environment (e.g. AWS, GCP, Azure)
• Experience with Threat Modeling
• Experience with integrating SaaS products into an Enterprise Environment
• Experience with securing Container services
• Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP)
• Experience in Offensive or Defensive Security techniques
• Experience in a regulated environment
• Experience with the Software Development Life Cycle (SDLC) governance
• Experience with DevSecOps

At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization).

The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked.

New York City (Hybrid On-Site): $234,700 - $267,900 for Sr Manager, Cyber Technical

Illinois (Hybrid On-Site): $218,900 - $249,800 for Sr Manager, Cyber Technical

Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate’s offer letter.

This role is also eligible to earn performance-based incentive compensation, which may include cash bonus(es) and/or long-term incentives (LTI). Incentives could be discretionary or non-discretionary depending on the plan.

Capital One offers a comprehensive, competitive, and inclusive set of health, financial, and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

This role is expected to accept applications for a minimum of 5 business days.

No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth, or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City’s Fair Chance Act; Philadelphia’s Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.

The exceptional EY experience. It's yours to build.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

In a rapidly changing OT environment, clients from all industries look to us for trusted solutions for their increasingly complex risks and vulnerabilities. As a part of our Cybersecurity team you’ll be right at the heart of that goal, helping clients gain insight and context to their complex operational environments and assessing, designing, and building infrastructure, processes and policies to meet the client’s OT cybersecurity needs. You’ll get to use your technical and business skills to help us drive this mission and have an impact on cybersecurity at a global level.

Our cybersecurity services assist our clients in aligning security management strategy with business goals. With a focus on OT cybersecurity and network security, you will serve in a key role of leading technical discussions, guiding the development of strategic and tactical security architecture efforts, designing and driving implementations to completion, and function overall as a technical security leader for traditional solutions and evolving risk-based security architectures.

To qualify for the role you must have

• A bachelor's degree in a related field and approximately three (3) years of related work experience; or a graduate degree and approximately two (2) years of related work experience; or no degree and six or more (6+) years of related work experience
• Operational industry experience in the field/plant
• Working knowledge of NIST CSF and its application in OT environments
• Have performed an OT Cybersecurity assessment utilizing an industry accepted standard
• Firewall review experience and knowledge of industrial-centric protocols
• General network security experience and working knowledge of white listing, AV, IDS/IPS, firewalls, SIEM, etc.
• Experience in process definition, workflow design, and/or process mapping
• A valid driver's license in the US and a valid passport required; willingness and ability to travel internationally and a willingness to travel; travel is estimated at 60-80%

Ideally, you’d also have

• Strong presentation and communication skills
• Relevant security certifications (e.g., CISSP, CISM. GICSP)
• Program management experience
• Intimate knowledge of a relevant OT Cyber Framework such as NIST 800-82 or ISA62443

We’re interested in intellectually curious people with a genuine passion for cybersecurity. With your broad exposure across OT cybersecurity and security architecture, we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us, but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

What we offer

We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $103,800 to $190,300. The salary range for New York City Metro Area, Washington State, and California (excluding Sacramento) is $124,600 to $216,300. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com

Summary Information about the Role and the Company Overview

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.

The exceptional EY experience. It's yours to build.

EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.

From strategy to execution, the Government & Public Sector practice of Ernst & Young provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes. We deliver real change and measurable results through our diverse, high-performing teams, quality work at the highest professional standards, operational know-how from across our global organization, and creative and bold ideas that drive innovation. We enable our government clients to achieve their mission of protecting the nation and serving the people; increasing public safety; improving healthcare for our military, veterans, and citizens; delivering essential public services; and helping those in need. EY is ready to help our government build a better working world.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

• Providing expert guidance and training to staff on best practices for privileged access management and security awareness.
• Applying solutions for managing privileged access within cloud service provider tools (AWS IAM, Azure Directory)
• Addressing platform specific implementation requirements for Windows Server (Server 2012, Server 2022) and Linux operating systems (Redhat Enterprise Linux, Amazon Linux)
• Security Architecture
• Implementing and supporting NIST best practices for the Least Privilege Model for the enterprise
• Implementing advanced capabilities including Just-In-Time Provisioning for Privileged Access, Zero Trust principles, Privileged Account Session Management, Privilege Elevation and Delegation Management, and Lifecycle Management
• Working with other security engineers to develop and implement security policies and procedures as applied to cloud service provider hosted systems
• Supporting the development and enhancement of enterprise secrets management uses cases and features, including backend vault platforms
• Implementing Role Based Access Controls (RBACs) and manage ongoing infrastructure changes, ensuring implementation of least privilege and separation of duties best practices within cloud and on prem environments.
• Providing identity cloud expertise to inform strategic cloud policy and updated cloud governance and architecture to be aligned with PAM initiatives. Experience with Microsoft Azure is preferred but AWS experience is also considered valuable
• Scripting and automation; scripting languages like PowerShell, Python, or others for automating tasks and processes related to privileged access management tools
• Manage and govern privileged accounts on multiple systems and applications. Identify owners, who is using it (humans or systems), develop risk-based classification models, and partner with other teams to timely redress and remediate unsafe practices or accounts
• Experience with common tools for automation in owned-premise and cloud service provider operating environments (Jenkins/Cloudbees/Harness i.o, Github actions, AWS Lambda) beneficial
• Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment.
• Strong troubleshooting skills to identify and resolve issues related to privileged access management tool implementations
• Supporting Continuous Diagnostics and Mitigation (CDM), work with other security, engineering, and operations teams to develop necessary safeguarding, logging, alert generation, etc. to detect relevant anomalies.
• Monitoring, recording, auditing, and analyzing privileged access, sessions, actions, across multi-cloud, hybrid-cloud, and on-prem systems
• Managing definition, planning, and delivery of work product through Agile SCRUM, Kanban.

To qualify for the role, you must have

• Bachelor’s Degree
• 5-8+ years of relevant experience
• Strong communication and leadership skills, with the ability to collaborate effectively across all levels of the organization
• Effective communication skills to articulate technical concepts to both technical and non-technical stakeholders
• Deep technical knowledge of PAM tools and technologies (e.g., CyberArk)
• High level of proficiency in Microsoft Office applications (Word, Excel, Project and PowerPoint)
• Ability to coordinate SMEs across multiple knowledge domains to offer solutions to USCIS mission needs

Ideally, you'll also have

• Consulting experience or experience working on technical projects
• MS in STEM degree

Due to the nature of our work in the Government and Public Sector, work may be required to be completed at client, EY and/or contractor sites. Our goal is to assign professionals to projects within a commutable distance of their work location office. In certain circumstances, travel may be required beyond your work location based on client and project needs. Candidates should be willing to travel on average 25% to 30% or more in a hybrid environment.

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.