Description:
We are seeking a Mainframe Security Engineer who is passionate about marrying data with emerging technologies to join our team. As a Mainframe Security Engineer you’ll have the opportunity to be on the forefront of driving a major transformation within Capital One.
As a Mainframe Security Engineer, you will:
- Optimize cybersecurity program processes and output.
- Contribute to the broader program roadmap.
- Drive reporting accuracy and demand excellence in department deliverables.
- Actively manage and escalate risk and customer-impacting issues within the day-to-day role to management.
- Manage and execute cybersecurity risk assessments using qualitative and quantitative methodologies to support the organization's overall security posture.
- Maintain an awareness of emerging cybersecurity threats by analyzing and reporting on cybersecurity risk against various Cybersecurity Frameworks (NIST CSF, NIST 800-53, PCI DSS).
- Perform in-depth analysis of security issues and vulnerabilities using tools including WhiteHat, Veracode, and Qualys to ensure compliance with audit, regulatory and legal requirements.
- Design metrics and develop advanced capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation to communicate elevated risk in a business friendly manner to Cybersecurity Leadership and 2nd line partners.
- Proactively identify and report control deficiencies as issues within action plans.
- Conduct strategic and operational effectiveness assessments as required for cyber events, and regulatory and audit reviews.
- Utilize ServiceNow and Cyber Risk System for risk management and risk remediation, processing potential security exceptions and/or risk acceptances against established security policies and standards.
- Gather and challenge data, evidence, or statuses for accuracy to achieve initiative and risk mitigation completion.
Basic Qualifications:
- High School Diploma, GED, or equivalent certification
- At least 3 years of experience working in cybersecurity or information technology
- At least 3 years of experience in Mainframe Security Risk Assessment & Remediation