Capital One: Senior Associate - Responsible Disclosure


Capital One


Posted Under: Danville, Virginia jobs in Other; Other jobs
Posted On: 2020-08-03 00:00:00

7900 Westpark Drive (12131), United States of America, McLean, Virginia

At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Senior Associate Responsible Disclosure

Capital One's Responsible Disclosure team manages internal and external responsible disclosure programs to help identify, track, and remediate vulnerabilities. You will be the first line of defense for these threats, performing initial triage and working with outside vendors as well as internal partners to neutralize threats and remediate issues.

Responsibilities:
- Conduct initial assessment and analysis of vulnerabilities to gauge validity and severity
- Coordinate remediation of reported vulnerability and bugs
- Partner with external vendors and internal stakeholders and leadership to identify and close gaps in coverage and shorten remediation times
- Manage relationships with third party vendors
- Build and manage relationships with internal Capital One stakeholders, to include working with app teams to identify and prioritize known vulnerabilities or issues
- Design and execute processes, reporting, and communication tools

Basic Qualifications:
- High School Diploma, GED or Equivalent Certification
- At least 3 years of experience in cybersecurity or information security

Preferred Qualifications:
- 4+ years of experience in information security or cybersecurity
- Professional certifications such as: Security+, CISSP, SANS GIAC, CISA/CISM, CCSP, or OSCP
- 1+ year of experience with application security best practices including OWASP Top 10 and OWASP Mobile Top 10
- 1+ year of experience with penetration testing tools such as BurpSuite, OWASP Zap, SoapUI etc.
- 1+ year of experience with adversary tools, techniques, tactics, protocols and basic understanding of forensic procedures
- 1+ year of experience with AWS
- 1+ year of experience with Offensive and/or Defensive Security techniques
- Understanding and/or awareness of cybersecurity frameworks, including NIST
- Basic knowledge in securing and developing web applications, APIs/web services, and mobile apps
- Knowledge of Web, API, and mobile application security testing frameworks and methodologies
- Knowledge of penetration testing and/or application security engineering

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.