Mainframe Security Engineer
About The Position
Mainframe Security Engineer Do you love building and pioneering in the technology space? Do you enjoy solving complex business problems in a fast-paced, collaborative, inclusive , and iterative delivery environment? At Capital One, you'll be part of a big group of makers, breakers, doers and disruptors, who love to solve real problems and meet real customer needs. We are seeking a Mainframe Security Engineer who is passionate about marrying data with emerging technologies to join our team. As a Mainframe Security Engineer you’ll have the opportunity to be on the forefront of driving a major transformation within Capital One.
Requirements
- High School Diploma, GED, or equivalent certification
- At least 3 years of experience working in cybersecurity or information technology
- At least 3 years of experience in Mainframe Security Risk Assessment & Remediation
Nice To Haves
- Bachelor's Degree
- 6+ years in Identity and Access Management
- 4+ years of experience in RACF Administration (z/OS 2.1 and above)
- 4+ years of experience issuing RACF and Top Secret Commands & Diagnostic Expertise
- 4+ years of Privilege Access Management (CyberArk, SailPoint IIQ)
- GIAC CISSP
Responsibilities
- Optimize cybersecurity program processes and output.
- Contribute to the broader program roadmap.
- Drive reporting accuracy and demand excellence in department deliverables.
- Actively manage and escalate risk and customer-impacting issues within the day-to-day role to management.
- Manage and execute cybersecurity risk assessments using qualitative and quantitative methodologies to support the organization's overall security posture.
- Maintain an awareness of emerging cybersecurity threats by analyzing and reporting on cybersecurity risk against various Cybersecurity Frameworks (NIST CSF, NIST 800-53, PCI DSS).
- Perform in-depth analysis of security issues and vulnerabilities using tools including WhiteHat, Veracode, and Qualys to ensure compliance with audit, regulatory and legal requirements.
- Design metrics and develop advanced capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation to communicate elevated risk in a business friendly manner to Cybersecurity Leadership and 2nd line partners.
- Proactively identify and report control deficiencies as issues within action plans.
- Conduct strategic and operational effectiveness assessments as required for cyber events, and regulatory and audit reviews.
- Utilize ServiceNow and Cyber Risk System for risk management and risk remediation, processing potential security exceptions and/or risk acceptances against established security policies and standards.
- Gather and challenge data, evidence, or statuses for accuracy to achieve initiative and risk mitigation completion.
Benefits
- comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Education Level
High school or GED
