LeesburgRecruiter Since 2001
the smart solution for Leesburg jobs

Manager, Software Development Security Risk Oversight - Cyber Risk Management

Company: Capital One
Location: Leesburg
Posted on: May 24, 2020

Job Description:

McLean 1 (19050), United States of America, McLean, VirginiaAt Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding. Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.Manager, Software Development Security Risk Oversight - Cyber Risk ManagementCyber Risk Management is a growing organization focused on providing expert advice, credible challenge, and effective oversight of information security and technology activities to identify, assess, control, and manage cyber and technology risk throughout the company. This organization plays a critical role in helping to ensure that the company's risk-taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions on the company at an enterprise level, and opportunities to reduce, mitigate, or avoid risks altogether. Associates within the Cyber Risk Management organization are highly-skilled information security, cyber, technology, or risk management professionals who have a wealth of experience and a demonstrated ability to provide value-added recommendations and deliver high-impact results in their areas of expertise.This position - Manager, Software Development Security Risk Oversight -will play a key role in assessing, challenging and advising on the secure software development lifecycle (SDLC), open-source software security (OSS), continuous integration/continuous deployment (CI/CD) pipelines, and agile delivery.As part of the second line of defense, you will collaborate closely with associates in Cyber, Technology, the Lines of Business, and other risk management offices. You will help develop and further build our 2nd line oversight and credible challenge program for the SDLC. You will perform and support evaluations of the Capital One's delivery pipeline, SDLC governance, controls and practices and offer independent advice and recommendations regarding ways to further mature the firm's cyber and technology risk management capabilities. In addition, you will contribute to the identification and analysis of new or emerging cybersecurity and technology risks to the enterprise, and aid in integrating cloud engineering practices with other risk management programs across the enterprise. Essential Functions (Responsibilities):- Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy.- Perform risk analysis of open source software and CI/CD policies, procedures, and controls.- Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options- Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders- Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically containerization, serverless, and emerging AWS services- Demonstrate strong analytical, problem-solving, and decision-making skills - Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers- Define, structure and plan work independently- Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance.- Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions- Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies- Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies- Professional security management certification; e.g. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC)Basic Qualifications:- Bachelor's Degree or military experience- At least 3 years of experience with agile software development, APIs, micro-services, and modern technology design patterns- At least 3 years experience with open source software security and vulnerability management- At least 2 years experience with Public Cloud implementations (AWS, Google, Azure)- At least 1 year experience in CI/CD pipelines with containerized workloads including EKS, ECS, Kubernetes, container-as-a-service, immutable infrastructure, and enabling blue-green deployments- At least 1 year experience with Application Security testing (DAST, SAST, IAST)Preferred Qualifications:- Master's Degree in Computer Science or in an Engineering discipline- AWS Certified Professional Architect or other equivalent AWS certification- CCSP, CCSK, or equivalent certification- Experience implementing resilient cloud applications and platform services on public cloud (AWS, GCP, Azure)- Experience with micro-services architecture, cloud native architecture and 12 factor application architecture principles and implementation- Experience in, Data Analytics; Data Science platforms, Integration Services (RESTful API, data streams, files), Real-time monitoring and intelligence, or DevOps/CI/CD- Experience with Information Security at the policy, architecture or implementation level- Experience with identifying and communicating key risks related to cloud native implementations and architectures- Experience applying control frameworks such as CSA-CSM, CIS, and FedRAMPAt this time, Capital One will not sponsor a new applicant for employment authorization for this position. SDL2017

Keywords: Capital One, Leesburg , Manager, Software Development Security Risk Oversight - Cyber Risk Management, IT / Software / Systems , Leesburg, Virginia

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other IT / Software / Systems Jobs


Software Engineer Staff Scientist II: Human Language Technologies
Description: Are you an experienced, passionate pioneer in technology who is versatile, displays leadership qualities and is enthusiastic about tackling new problems Do you enjoy creating experiments, prototyping (more...)
Company: Raytheon Intelligence & Space
Location: Columbia
Posted on: 06/1/2020

Database Site Reliability Engineer
Description: Type of Requisition:RegularClearance Level Must Currently Possess:NoneClearance Level Must Be Able to Obtain:NoneSuitability:No Suitability RequiredPublic Trust/Other Required:NACLC T3 Job Family:Systems (more...)
Company: General Dynamics Information Technology
Location: Rockville
Posted on: 06/2/2020

Senior DB2 iSeries Database Administrator
Description: Do you want to join a team that is agile, collaborative, and highly skilled Here at OneMain you will be part of a DBA team with cross-training opportunities to learn even more about other database platforms. (more...)
Company: OneMain Financial
Location: Millersville
Posted on: 06/1/2020


Software Developer
Description: Interview for this job and dozens of other career opportunities at the upcoming TECHEXPO Hiring Event: Wednesday, April 22nd 3:00pm 7:00pm BWI Marriott 1743 West Nursery Road Linthicum Heights, MD 21090 (more...)
Company: TECHEXPO
Location: Ellicott City
Posted on: 06/2/2020

Mobile Notary Association Club
Description: Nationwide Looking for a mobile notary to sign and stamp your documents We notarize sign documents in all 50 states, and we will always be at your service. Hours: Available
Company: Certified Mobile Notary Services
Location: District Heights
Posted on: 06/1/2020

Principal Software Engineer
Description: Principal Software Engineer br - Sorry US. citizens only since clearance will need to be obtained once hired -Role: Lead Software EngineerLocation: Alexandria with flexibility to work partially remote (more...)
Company: CyberCoders
Location: Alexandria
Posted on: 06/2/2020

Computer Programmer - NLP Expertise - NIH - Bethesda, MD
Description: Computer Programmer - NLP Expertise ---NIH - Bethesda, MD Kelly Government Solutions is a strategic supplier and business partner to the federal government and its key suppliers. Through our partnership (more...)
Company: Kelly
Location: Bethesda
Posted on: 06/2/2020

Information Technology Support Specialist
Description: Information Technology Support Specialist George Mason University's University Life - Technology Services invites applicants for the position of Information Technology IT Support Specialist. The individual (more...)
Company: George Mason University
Location: Fairfax
Posted on: 06/1/2020

Mobile Notary Association Club
Description: Nationwide Looking for a mobile notary to sign and stamp your documents We notarize sign documents in all 50 states, and we will always be at your service. Hours: Available
Company: Certified Mobile Notary Services
Location: Baltimore
Posted on: 06/2/2020

Software Engineer- .NET, C#, SQL Server
Description: Software Engineer- .NET, C , SQL Server br - This role reports to West Falls Church, VA- If you are a Software Engineer- .NET, C , SQL Server with experience, please read on br Top Reasons to Work (more...)
Company: CyberCoders
Location: Washington
Posted on: 06/1/2020

Log In or Create An Account

Get the latest Virginia jobs by following @recnetVA on Twitter!

Leesburg RSS job feeds