Security Vulnerability And Remediation Manager Jobs Vacancy at Capital One London
Capital One London urgently required following position for Security Vulnerability And Remediation Manager. Please read this job advertisement carefully before apply. There are some qualifications, experience and skills requirement that the employers require. Does your career history fit these requirements? Ensure you understand the role you are applying for and that it is suited to your skills and qualifications.
Follow the online directions, complete all the necessary fields, and provide all relevant information so your application is submitted correctly. When you click the 'Apply this Job' button (open in new window) you will be taken to the online application form. Here you will be asked to provide personal and contact details, respond to employment-related questions, and show how you meet the key selection criteria.
Security Vulnerability And Remediation Manager Jobs Vacancy at Capital One London Jobs Details:
At Capital One, we’re building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.
Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.
Security Vulnerability and Remediation Manager
Capital One is committed to diversity in the workplace.
Reporting into Head of Security Operations, our Security Vulnerability Manager plays a crucial role in supporting and developing our vulnerability management activities.
The role is responsible for owning the vulnerability management process execution, system and architecture in the UK, leveraging automation to streamline and improve processes and time-to-fix. They will partner with the wider global Cyber team, as well as other technical teams (both locally in the UK and Globally) to champion the vulnerability remediation lifecycle in the UK. They will act as the business owner’s subject matter experts on vulnerability impact and risk, providing guidance on root cause, and managing the full lifecycle of reported vulnerabilities through to closure.
Assessment and Oversight of the remediation of vulnerabilities
- Assess vulnerabilities, investigate tooling and countermeasures.
- Review and validate vulnerability findings, providing false positive validation.
- Advise technical and non-technical audiences on appropriate prioritization of patch deployment.
- Support vulnerability remediation through re-test & closure
Vulnerability Management Reporting, Education and Awareness
- Report and track remediation activities affecting On-Premise, Cloud Hosted, Perimeter environments
- Support compliance and due diligence led activities and audits, including regulatory updates.
- Collaborate with teams and stakeholders to create both tactical and strategic plans as it relates to Vulnerability Management.
- Champion security best practice within technology and be regarded as the ‘go-to’ individual for security vulnerability management.
- Provide security and remediation advice to cross-business stakeholders at a technical level.
- Proactive identification and communication of external themes and threats.
- Help drive security maturity in vulnerability management and security in general across the business, through positive engagement and teaching.
Vulnerability Management UK Process Ownership and Coverage
- Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling.
- Provide Vulnerability Assessment scan guidance and training.
- Familiarity with Infrastructure and Web Application Scanning tools (e.g. Qualys, Nessus, etc.) and relevant remediation management / risk tools.
- Sound understanding of network/infrastructure and web/mobile application weakness and anti-patterns (CWE, OWASP)
- A good understanding of Information Security principles and best-practices
- A passion to make a difference and positively challenge the status quo through continuous improvement
- providing a thoughtful approach to risk management and controls simplification with measurable data driven outcomes ensuring all appropriate exception, issue or risk processes were strictly adhered to if non-compliances were discovered.
Any of these would also be beneficial
- Familiarity with open-source tooling
- Experience of Cloud (e.g. AWS, Azure)
- Experience with Kenna or similar
- Solid, hands-on system infrastructure operations, security operations or security engineering background
Capital One is committed to diversity in the workplace.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at RecruitingAccommodation@capitalone.com . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com
Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.
Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).