Capital One - New York, NY

posted 3 months ago

Full-time - Mid Level
New York, NY
Credit Intermediation and Related Activities

About the position

Capital One's Offensive Security team is dedicated to reducing cyber risk by identifying vulnerabilities and weaknesses within the enterprise cyber environment through coordinated ethical hacking and penetration testing scenarios. The Lead Penetration Tester will work closely with team members to plan, coordinate, execute, and report on sophisticated ethical hacking exercises aimed at uncovering cyber vulnerabilities and enhancing the overall security posture of Capital One's systems. This role is crucial in identifying and exploiting security weaknesses, providing actionable recommendations, and collaborating with various teams to bolster our security measures. The successful candidate will thrive in a dynamic environment, contributing to the development and delivery of industry-leading ethical hacking capabilities that protect and defend the Capital One brand, systems, and data.

As part of the Cyber Operations and Intelligence program, the Offensive Security team plays a vital role in identifying opportunities to enhance Capital One's information security posture against a wide array of cyber threats. This includes developing strategies to effectively address these threats and ensuring that the organization remains resilient against potential attacks.

In this position, the Lead Penetration Tester will be responsible for performing penetration testing across enterprise networks, services, applications, and infrastructure. They will also develop automation and tooling to enhance the capabilities of the Offensive Security team, assess Capital One's development practices, and help drive corporate security standards. Collaboration with developers will be essential to provide remediation guidance and improvements throughout the Software CI/CD pipeline, ensuring that security is integrated into the development process.

Responsibilities

  • Perform penetration testing of enterprise networks, services, applications, and infrastructure.
  • Develop automation and tooling to enhance the capabilities of the Offensive Security team.
  • Assess Capital One's development practices and help drive corporate security standards.
  • Work with developers on remediation guidance and improvements throughout the Software CI/CD pipeline.

Requirements

  • High School Diploma, GED or equivalent certification.
  • At least 5 years of experience working in cybersecurity or information technology.
  • At least 4 years of Penetration Testing experience.
  • At least 2 years of experience with public cloud environments (AWS, Azure, GCP).
  • At least 1 year of experience in Python, Golang, or C#.

Nice-to-haves

  • Bachelor's Degree.
  • 5+ years of security testing experience (red teaming, cloud security, application security, or network security).
  • 5+ years of experience with threat modeling concepts and frameworks (CVSS, MITRE ATT&CK, DREAD, or STRIDE).
  • Experience developing Offensive Security tools.
  • Experience with code review and secure coding standards.

Benefits

  • Comprehensive health insurance coverage.
  • Financial benefits including performance-based incentive compensation, cash bonuses, and long-term incentives.
  • Support for total well-being through various financial and health benefits.