Offensive Security Purple Team Lead

At Capital One youll be part of a big group of makers breakers doers and disruptors who love to solve real problems and meet real customer needs. We want you to be curious and ask what if Capital One started as an information strategy company that specialized in credit cards and we have become one of the most impactful and disruptive players in the industry.

The Offensive Security Purple Team at Capital One is a collaborative and innovative team that works to reduce cyber risk by proactively improving security posture. The team is composed of seasoned offensive and defensive cyber experts who work closely with tech and cyber partners to plan coordinate test and report on defensive gaps and control weaknesses.

The Purple Team Lead will be a highly experienced and knowledgeable cybersecurity professional who will play a pivotal role in enhancing the organizations overall cyber defense posture. This individual will not only lead and manage the Purple Team but also work collaboratively across various departments to identify and address security vulnerabilities proactively improve detection and response capabilities and ensure the continuous improvement of the enterprises security controls.

The successful candidate for this position will be part of an exciting and dynamic environment to build and deliver industry leading cyber capabilities to continuously protect and defend Capital Ones brand systems and data. Offensive Security is part of the Cyber Operations and Intelligence program and assists with identifying opportunities to enhance Capital Ones information security posture against a broad range of cyber threats and develop strategies to most effectively address those threats.

Responsibilities:

• Developing and implementing a comprehensive Purple Team strategy that aligns with the organizations overall security objectives.

• Leading and coordinating Purple Team exercises that emulate realworld attack scenarios to assess the effectiveness of existing security controls and identify areas for improvement.

• Collaborating with Red and Blue Teams to facilitate knowledge sharing improve communication and enhance the overall effectiveness of the organizations security operations.

• Analyzing Purple Team exercise results and providing actionable insights to relevant stakeholders to drive remediation efforts and improve the organizations security posture.

• Staying abreast of emerging threats and attack techniques to ensure that the Purple Teams strategy and exercises remain relevant and effective.

• Providing mentorship and guidance to Purple Team members to foster professional development and enhance the teams overall capabilities.

• Clearly and effectively convey technical information and results to diverse audiences including senior management and those without a technical background.

Basic Qualifications:

• High School Diploma GED or equivalent certification

• At least 6 years of operational cyber security experience

• At least 4 years of experience on a Hunt or Red team

• At least 3 years of People Management experience

• At least 2 years of experience with incident response threat detection or security operations center processes and workflows

• At least 2 years of experience with security tools and SIEM platforms

• At least 2 years of experience with defensive or offensive security concepts tools and methodologies

Preferred Qualifications:

• 4 years of experience in developing offensive or defensive tools using scripted and compiled languages

• 3 years of experience leading teams through all phases of security engagements

• 3 years of experience with security event response

• OSCP OSCE GPEN GXPN CRTO GCFA or GCIH certification

At this time Capital One will not sponsor a new applicant for employment authorization or offer any immigration related support for this position (i.e. H1B F1 OPT F1 STEM OPT F1 CPT J1 TN or another type of work authorization).

The minimum and maximum fulltime annual salaries for this role are listed below by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for parttime roles will be prorated based upon the agreed upon number of hours to be regularly worked.

Candidates hired to work in other locations will be subject to the pay range associated with that location and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidates offer letter.

Capital One offers a comprehensive competitive and inclusive set of health financial and other benefits that support your total wellbeing. Learn more at theCapital One Careers website. Eligibility varies based on full or parttime status exempt or nonexempt status and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position and you require an accommodation please contact Capital One Recruiting ator via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital Ones recruiting process please send an email to

Capital One does not provide endorse nor guarantee and is not liable for thirdparty products services educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).