Sign In
 [New User? Sign Up]
Mobile Version

DevSecOps Director

Capital One


Location:
McLean, VA
Date:
04/27/2017
Job Code:
capitalone2-R16149
Categories:
  • Engineering
  • Management
  •  
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

Company Capital One

Job Title: DevSecOps Director

JobID: capitalone2-R16149

Location: McLean, VA, 22106, USA

Description: 1750 Tysons (12023), United States of America, McLean, Virginia



At Capital One, we’re building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.



Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.



DevSecOps Director



Job Description



Capital One is a diversified bank that offers a broad array of financial products and services to consumers, small business and commercial clients. Ranked #124 on the Fortune 500, Capital One is one of the nation's top 10 banks and has one of the most widely recognized brands in America. We nurture a work environment where people with a variety of thoughts, ideas and backgrounds, guided by our shared Values, come together to make Capital One a great company and a great place to work.



Help us make application security easy. Automation is essential in our ability to meet the demands of our growing development teams. This Director role will be the DevSecOps lead and manage the static code analysis team, build out a scalable threat modeling framework and tool, manage and design automation to integrate AppSec into CI/CD, and act as the product owner of an internally developed security automation platform we are building. This is a growing team, with senior leaderships support and visibility. This role is involved in projects or issues of high complexity that requires an individual who can quickly think on their feet, challenge the status quo, and rapidly move from ideation to delivery.



- Strong written and verbal communication skills.



- Deep experience in enabling organizations with DevSecOps



- Deep experience in the automation of static and dynamic AppSec tools



- Strong experience in static code analysis



- Strong experience in rolling out Threat Modeling enterprise wide that can be consumed by developers and engineers



- Ability to prioritize and set the destiny of a security product



- Calmness and clarity of thought under pressure and ability to maintain confidentiality.



- Ability to maintain the goals and culture of the organization.



- High levels of integrity in the conduct of personal and professional affairs.



- Demonstrated leader with team-oriented interpersonal skills, with the ability to interface effectively upper management, IT leaders, and technology vendors.



- Ability to work well under minimal supervision, reporting to the head of application security



**Basic Qualifications:**



- A bachelor’s degree or military experience



- At least 7 years of experience in Information Security



- At least 5 years of experience with Applications Security, including familiarity with the leading toolsets supporting Application Security (dynamic and static)



- At least 2 years of experience with product design, delivery, and ownership



- At least 2 years experience in threat modeling



**Preferred Qualifications:**



- 2 years of Agile experience



- 2 years of experience with integrating tools into DevOps and CI/CD pipelines



- 4 years experience with static code analysis



- 1 year of experience with architecting and designing security infrastructures with special emphasis on cloud environments.



- 1 year of experience with SOX and regulatory and statutory compliance.



- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)



At this time, Capital One will not sponsor a new applicant for employment authorization for this position.



At this time, Capital One will not sponsor a new applicant for employment authorization for this position.



At Capital One, we’re building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.                                               


Featured Employers

Featured Jobs

CareerConnection Video