Distinguished Software Engineer - Identity

As a Distinguished Engineer at Capital One, you will be a part of a community of technical experts working to define the future of banking in the cloud. The Mission: We are moving beyond the era of static, administrative-time access to a future defined by Adaptive, Policy-Based Orchestration. We aren't just migrating our core infrastructure from on-premise to the Cloud; we are fundamentally re-architecting how identity serves as the perimeter in a highly regulated environment. Our goal is to abstract the complexity of legacy Identity Governance and Administration (IGA) and replace standing privileges with a Just-In-Time (JIT) ecosystem. We are looking for a visionary architect to build an intelligent, self-sufficient platform that evaluates real-time context—integrating endpoint risk, network signals, and behavioral heuristics—to grant the right access, to the right resources, at the exact moment it's needed. What You Will Lead: The Move to Just-In-Time (JIT): Architect the transition away from "permanent access" to a model of zero standing privileges. You will design the systems that enable seamless, automated access elevation and revocation based on real-time necessity. Policy-as-Code & Abstraction: Lead the effort to abstract IGA components, moving us toward a centralized, policy-based access model that is agnostic of the underlying stack and highly automated. Contextual & Adaptive Security: Design an authorization fabric that factors in multi-dimensional telemetry—including device posture, network risk, and user behavior—to make dynamic, risk-based access decisions. Engineering Self-Sufficiency: Champion an "Identity-as-a-Service" internal culture, building developer-centric APIs and self-service capabilities that allow our product teams to move fast without compromising our rigorous regulatory guardrails. Governance in a Regulated Landscape: Navigate the complexity of a highly regulated financial environment, ensuring that our leap into the future of IAM meets and exceeds the most stringent compliance and audit standards. The Visionary We Need: You are a recognized leader in the Identity space who understands that the "Cloud Journey" is only the foundation. You have experience decoupling legacy monoliths, implementing Open Policy Agent (OPA) or similar policy engines, and building resilient, high-scale distributed systems. You don’t just "manage" identity; you treat Identity as the core engine of a modern Zero Trust architecture. Distinguished Engineers are expected to lead through technical contribution. You will operate as a trusted advisor for our key technologies, platforms and capability domains, creating clear and concise communications, code samples, blog posts and other material to share knowledge both inside and outside the organization. You will specialize in a particular subject area, but your input and impact will be sought and expected throughout the organization. If you are ready to provide thought leadership and build engineering excellence across Capital One's engineering teams, come join us in our mission to change banking for good.