I am...

Senior Manager, Cyber Security Operations

​

Capital One’s Cyber Organization is a fast-paced, dynamic environment committed to enabling and securing the business. Our Operations & Intelligence division is searching for an experienced Senior Manager to be an independent contributor and thought leader in our Cyber Security Operations Center team. In this role, you will be responsible for solving hard problems using cutting edge technology, setting enterprise strategy, and managing risk related to analyzing external threats to our environment.

• Serve as the subject matter expert guiding projects and technical investigative teams to protect a large enterprise
• Strategize and implement technology best practices for risk mitigation associated with analysis of security operations center alerts and cases
• Engage with internal teams and cyber and technology industry partners to ensure threats from external actors are evaluated and mitigated where appropriate
• Understand the business drivers, and associate culture of the enterprise and partner with relevant stakeholders to ensure regulatory compliance, data protection, and associate protection are in place
• Collaborate with engineering and other teams to drive automation for analysis efficiency, containment, and remediation activities
• Advocate for change, and excel at partnering with various cross functional stakeholders
• Collaborate with other CSOC leaders to deliver a continuous monitoring and response capability
• Use data across CSOC operations to drive decisions, with emphasis on resource allocation, threat mitigation, and associate development

Basic Qualifications:

• High School Diploma, GED, or Equivalent Certification
• At least 6 years of experience in cyber security or information technology
• At least 6 years of experience with Linux, MacOS, or Windows operating systems
• At least 5 years of experience in cyber operations
• At least 4 years of experience conducting cyber incident response and remediation
• At least 3 years of experience in Application Development
• At least 2 years of experience managing, monitoring, or configuring public cloud environments (AWS, Azure, or GCP)

​

Preferred Qualifications:

• Bachelor’s Degree
• 3+ years of experience managing security operations projects
• 3+ years of experience optimizing security operations tooling
• 2+ years of experience developing SIEM alerts
• 2+ years of experience configuring SOAR automations
• 2+ years of experience configuring security appliances
• CISSP, CISM, CCSP, GCIH, GCFA, GREM, or AWS Security Certification

At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization).

​

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

​

This role is expected to accept applications for a minimum of 5 business days.

​

No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City’s Fair Chance Act; Philadelphia’s Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

​

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

​

For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com.

​

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

​

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Senior Cybersecurity Risk and Compliance Consultant

​

POSITION OVERVIEW

The Senior Cybersecurity Risk and Compliance Consultant responsible for conducting Cybersecurity gap assessments and ongoing consulting with our clients daily in Huntsville, Alabama. The Senior Cybersecurity Risk and Compliance Consultant should be familiar with multiple security frameworks such as National Institute of Standards (NIST 800-171), Risk Management Framework (RMF), Cybersecurity Framework (CSF), CIS Critical Security Controls (CIS Controls), Defense Federal Acquisition Regulation Supplement (DFARS), and Cybersecurity Maturity Model Certification (CMMC). In this position, you will conduct gap assessments through interviews and asking questions to determine the state of an environment while capturing evidence and artifacts to support the assessment results and effectively measure our client’s security posture and compliance.

​

About MAD Security, LLC

MAD Security, LLC, founded in 2010, is a veteran-owned cybersecurity provider dedicated to safeguarding business and simplifying the cybersecurity challenge by delivering compliance through cost-effective, results-driven solutions. Headquartered in Huntsville, Alabama, and recognized as a Top 250 MSSP by MSSP Alert, MAD Security delivers world-class, industry-leading managed services and technology solutions regularly to defense industry-based providers including aviation and aerospace, government contractors, financial institutions, technology services providers, higher education institutions, and manufacturing to manage risk, meet compliance requirements, and reduce costs.

• Conduct Cybersecurity gap assessments and provide resulting reports
• Conduct Cybersecurity consulting engagements to assist with and partner on clients’ POA&M remediation efforts
• Manage and execute project-level tasks and milestones
• Educate clients on information security and applicable control requirements
• Baseline existing risks, exposure, framework, and compliance levels
• Advise on risk mitigation and remediation plans

Required Qualifications

• Subject Matter Expert (SME) in Cybersecurity Compliance
• SOC (Security Operations Center) knowledge and understanding of services within
• Three or more (3+) years of experience in the information security field
• Experience leading information security engagements with a preference for DFARS, NIST, and CMMC assessments, as well as reporting
• Experience authoring cybersecurity policies and procedures (to include Incident response, business continuity, disaster recovery, and more)
• One (1) or more of the following: Certified CMMC Professional (CCP), Certified CMMC Assessor (CCA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent certification
• Good time management, project management and problem-solving skills
• A desire to take on roles of increasing responsibility including defining services, managing teams, and coordinating resources
• Integrity: Ethical and respectful to clients and team
• Grit: Ability to self-motivate, self-manage, and meet deadlines when faced with competing priorities
• Customer-centric: Understand that partnership with our clients is a “win-win” scenario
• Selfless: Understand that when one team member succeeds, we all succeed
• Ability to review security architecture and advise on security requirements

Supervisor Responsibilities

N/A

​

Knowledge, Skills, and Abilities

10 Characteristics of Every Professional at MAD Security

1. Customer Service and Satisfaction First. Understanding and satisfying our customers is the cornerstone to our success. We must do what is necessary to meet those needs.
2. Expertise is our Specialty. The very word professional implies expertise, and technical competence is essential to our service-oriented structure. We must become an expert in the skills and tools we use in our operations, we must perform to the best of our abilities, and we must keep our knowledge up to date.
3. Do and Deliver More Than Expected. Professionals are expected to produce results. We strive to complete deliverables before they are due, of higher quality than anticipated, and under budget. Professionals exceed expectations whenever possible.
4. Deliver on What We Say and What We Can Do. Professionals deliver on promises made. We engage our brain before speaking; Before we say we can do something, we make sure we can do it.
5. Communicate Effectively. Whether verbal or written, professionals communicate clearly, concisely, thoroughly, and accurately. Effective communication is ultimately our responsibility as a professional.
6. Follow Exceptional Guiding Principles. Professionals adhere to high ethical values and principles. We appreciate and support our co-workers, practice good manners and proper etiquette, are honest and fair in all our dealings, and have a high ethical and moral standard.
7. Praise Our Co-workers. Professionals are humble and generous in their praise for others. We respect and acknowledge the talents and capabilities of our co-workers.
8. Share Knowledge. Professionals help their peers and co-workers and are respected for doing so. Information isn't a limited resource; our minds won't be emptied by giving away kernels of wisdom or experience. We think of knowledge as an ocean of facts and not a stream of data. It is possible to share what we know and stay one step ahead of the competition — professionals simply apply themselves to learn something new daily.
9. Express Gratitude. Professionals thank others in a meaningful way that most benefits the recipient.
10. Maintain the Right Attitude. Professionals are pleasant even during trying times.

​

Location and Work Environment

Onsite in Huntsville, Alabama. While performing the duties of this Job Description, the employee regularly works in an office setting.

​

Physical Demands

The physical demands described herein are representative of those which much be met by an employee to perform the Primary Duties of this Job Description successfully.

​

Travel

Occasional travel may be required.

​

Other Duties

Please note this Job Description is intended to describe the general nature and level of work to be performed by the employee(s) assigned to this Job Title. It is not designed to contain nor be interpreted as a comprehensive and/or all-inclusive list of duties, responsibilities, and qualifications. MAD Security, LLC reserves the right to amend and/or change responsibilities to meet business and organizational needs, as necessary, with or without notice.

About The Company

​

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office team is delivering cutting-edge and dependable security solutions to ensure robust, seamless protection for our customers. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

​

About The Team

​

Our team works with the latest advancements in encryption algorithms and cryptographic techniques. We leverage state-of-the-art tools and technologies to stay ahead of evolving threats. Every encryption solution you design will help secure sensitive data for millions of users globally. Team members share insights and learn from seasoned professionals in a supportive and inclusive environment, promoting collaboration and continuous learning. We invest in your development through continuous training, certifications, and opportunities to attend leading industry conferences. Being a part of our team means growing your career while making a significant impact on cybersecurity. We encourage innovative thinking and creative problem-solving. Bring your ideas to life as you develop new encryption methods and solutions that set industry standards.

• The work will be a combination of technical, architectural, analytical, consultation, remediation, project management, and being an overall Encryption SME.
• Strong knowledge of Cloud environments (Microsoft Azure and AWS) is required.

Required Qualifications:

​

• Strong security background (5+ years of successful career advancement in Cyber Security), with an emphasis on Encryption and Digital Certificates.
• Extensive knowledge of PKI (Public & Private) architecture, encryption technologies (e.g., data at rest, data in transit, structured & unstructured data encryption, TLS protocols, VPN, IPSec, etc.).
• Identity & Access Management (IDM), Key Management (KMS), and Secrets Management systems.
• Strong communication skills and ability to interact with all levels of Technical Management and application teams seeking consultation on encryption topics.
• Ability to work in a multi-tasking fast paced dynamic environment.

​

Preferred Qualifications:

​

• Successful background in Security with strong knowledge of Security Fundamentals and a CISSP Certification.
• Experience with KeyFactor EJBCA, KeyFactor CMD, Voltage SecureData, Thales data at rest encryption.
• Prior experience with certifications such as Microsoft Azure Fundamentals (AZ-900), Microsoft Azure Security Engineer Associate (AZ-500), Microsoft Azure Developer Associate (AZ-203), Microsoft Azure Solutions Architect Expert (AZ-305), AWS Certified Solutions Architect, AWS Certified Security Specialist.

This position is only available in the following locations: Alpharetta, GA; Dallas, TX, Middleton/Bedminster, NJ; and Bothell, WA.

​

Our Lead Cybersecurity, earns between $143,800.00-$215,800.00 USD Annual, Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

​

Joining our team comes with amazing perks and benefits:

​

• Medical/Dental/Vision coverage.
• 401(k) plan
• Tuition reimbursement program.
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave.
• Paid Caregiver Leave.
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement.
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance.
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal.
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs.
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

​

AT&T is leading the way to the future – for customers, businesses and the industry. We're developing new technologies to make it easier for our customers to stay connected to their world. Together, we’ve built a premier integrated communications and entertainment company and an amazing place to work and grow. Team up with industry innovators every time you walk into work, creating the world you always imagined. Ready to #transformdigital with us?

​

Apply now!