DevSecOps Director

  • Company: Capital One
  • Location: McLean, Virginia
  • Posted: December 19, 2016
  • Reference ID: R16149
1750 Tysons (12023), United States of America, McLean, Virginia

DevSecOps Director

Job Description

Capital One is a diversified bank that offers a broad array of financial products and services to consumers, small business and commercial clients. Ranked #124 on the Fortune 500, Capital One is one of the nation's top 10 banks and has one of the most widely recognized brands in America. We nurture a work environment where people with a variety of thoughts, ideas and backgrounds, guided by our shared Values, come together to make Capital One a great company and a great place to work.

Help us make application security easy. Automation is essential in our ability to meet the demands of our growing development teams. This Director role will be the DevSecOps lead and manage the static code analysis team, build out a scalable threat modeling framework and tool, manage and design automation to integrate AppSec into CI/CD, and act as the product owner of an internally developed security automation platform we are building. This is a growing team, with senior leaderships support and visibility. This role is involved in projects or issues of high complexity that requires an individual who can quickly think on their feet, challenge the status quo, and rapidly move from ideation to delivery. 

- Strong written and verbal communication skills.

- Deep experience in enabling organizations with DevSecOps

- Deep experience in the automation of static and dynamic AppSec tools

- Strong experience in static code analysis

- Strong experience in rolling out Threat Modeling enterprise wide that can be consumed by developers and engineers

- Ability to prioritize and set the destiny of a security product

- Calmness and clarity of thought under pressure and ability to maintain confidentiality.

- Ability to maintain the goals and culture of the organization.

- High levels of integrity in the conduct of personal and professional affairs.

- Demonstrated leader with team-oriented interpersonal skills, with the ability to interface effectively upper management, IT leaders, and technology vendors.

- Ability to work well under minimal supervision, reporting to the head of application security

- A bachelor’s degree or military experience

- At least 7 years of experience in Information Security

- At least 5 years of experience with Applications Security, including familiarity with the leading toolsets supporting Application Security (dynamic and static)

- At least 2 years of experience with product design, delivery, and ownership

- At least 2 years experience in threat modeling

- 2 years of Agile experience

- 2 years of experience with integrating tools into DevOps and CI/CD pipelines

- 4 years experience with static code analysis

- 1 year of experience with architecting and designing security infrastructures with special emphasis on cloud environments. 

- 1 year of experience with SOX and regulatory and statutory compliance.

- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

At this time, Capital One will not sponsor a new applicant for employment authorization for this position. 

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

Share this Job