Manager, Offensive Security: Purple Team
About The Position
At Capital One, you'll be part of a big group of makers, breakers, doers and disruptors, who love to solve real problems and meet real customer needs. We want you to be curious and ask “what if?” Capital One started as an information strategy company that specialized in credit cards, and we have become one of the most impactful and disruptive players in the industry. Capital One’s Offensive Security Purple Team reduces cyber risk by uncovering vulnerabilities and weaknesses in the enterprise cyber environment by conducting covert/overt adversary simulation and emulation. This position works closely with offensive and defensive partner teams to plan, coordinate, execute and report on detection gaps and control weaknesses to improve cyber defense across the enterprise. The successful candidate for this position will be part of an exciting and dynamic environment to build and deliver industry leading ethical hacking capabilities to continuously protect and defend Capital One’s brand, systems and data. Offensive Security is part of the Cyber Operations and Intelligence program and assists with identifying opportunities to enhance Capital One’s information security posture against a broad range of cyber threats, and develop strategies to most effectively address the threats.
Requirements
- High School Diploma, GED, or equivalent certification.
- At least 4 years of information security experience.
- At least 3 years of experience in Threat Hunting or Detection Engineering within a cloud or hybrid environment.
- At least 2 years of experience analyzing EDR telemetry and bypass techniques.
Nice To Haves
- 2+ years of experience performing offensive security operations
- 2+ years experience with Databricks, Spark, or similar for security analytics.
- 4+ years of experience in log analysis, threat detection engineering, threat hunt, incident response, forensics
- 4+ years of experience with scripting and compiled languages
- One or more of the following certifications: OSCP, OSCE, GPEN, GXPN, CRTO, GCFA, GCIH, OSTH, GDAT
Responsibilities
- Lead "Defense Improvement Analysis" (DIA): Deconstruct adversary simulation activities to identify control gaps and document the full lifecycle, from initial discovery to final technical resolution.
- Engineering & Analytics: Perform advanced analysis of log events using big data tools to identify, recommend, and engineer specific solutions for threat detection and response.
- Strategic Collaboration: Serve as the technical bridge between offensive and defensive stakeholders, translating complex adversary TTPs into durable defense strategies and actionable recommendations for both technical and executive audiences.
- Operational Research: Continuously research emerging threat behaviors and automate repetitive post-exploitation analysis tasks to scale the team’s ability to identify and address novel TTPs.
- Infrastructure & Tooling: Build and maintain the technical infrastructure and lab environments required to support and evolve Purple Team activities.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
High school or GED
Number of Employees
5,001-10,000 employees
