Mainframe Security Engineer

Do you love building and pioneering in the technology space? Do you enjoy solving complex business problems in a fast-paced, collaborative, inclusive , and iterative delivery environment? At Capital One, you'll be part of a big group of makers, breakers, doers and disruptors, who love to solve real problems and meet real customer needs. We are seeking a Mainframe Security Engineer who is passionate about marrying data with emerging technologies to join our team. As a Mainframe Security Engineer you'll have the opportunity to be on the forefront of driving a major transformation within Capital One.

As a Mainframe Security Engineer, you will:

• Optimize cybersecurity program processes and output.
• Contribute to the broader program roadmap.
• Drive reporting accuracy and demand excellence in department deliverables.
• Actively manage and escalate risk and customer-impacting issues within the day-to-day role to management.
• Manage and execute cybersecurity risk assessments using qualitative and quantitative methodologies to support the organization's overall security posture.
• Maintain an awareness of emerging cybersecurity threats by analyzing and reporting on cybersecurity risk against various Cybersecurity Frameworks (NIST CSF, NIST 800-53, PCI DSS).
• Perform in-depth analysis of security issues and vulnerabilities using tools including WhiteHat, Veracode, and Qualys to ensure compliance with audit, regulatory and legal requirements.
• Design metrics and develop advanced capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation to communicate elevated risk in a business friendly manner to Cybersecurity Leadership and 2nd line partners.
• Proactively identify and report control deficiencies as issues within action plans.
• Conduct strategic and operational effectiveness assessments as required for cyber events, and regulatory and audit reviews.
• Utilize ServiceNow and Cyber Risk System for risk management and risk remediation, processing potential security exceptions and/or risk acceptances against established security policies and standards.
• Gather and challenge data, evidence, or statuses for accuracy to achieve initiative and risk mitigation completion.

• High School Diploma, GED, or equivalent certification
• At least 3 years of experience working in cybersecurity or information technology
• At least 3 years of experience in Mainframe Security Risk Assessment & Remediation, * Bachelor's Degree
• 6+ years in Identity and Access Management
• 4+ years of experience in RACF Administration (z/OS 2.1 and above)
• 4+ years of experience issuing RACF and Top Secret Commands & Diagnostic Expertise
• 4+ years of Privilege Access Management (CyberArk, SailPoint IIQ)
• GIAC
• CISSP

At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization).

The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $161,800 - $184,600 for Prin Assoc, Cyber Technical Plano, TX: $147,100 - $167,900 for Prin Assoc, Cyber Technical Richmond, VA: $147,100 - $167,900 for Prin Assoc, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website (https://www.capitalonecareers.com/benefits) . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level., Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).