Senior Cyber Technical Engineer

About The Position

Requirements

• High School Diploma, GED or equivalent certification
• At least 3 years of experience working in cybersecurity or information technology
• At least 3 years of experience in application security
• At least 3 years of experience with Python, Shell Scripting, SQL databases, DevOps or DevSecOps tooling

Nice To Haves

• Bachelors degree
• 4+ years of experience with Cyber security technologies dynamic application security testing, penetration testing, risk analysis, or software testing techniques
• One of the following cybersecurity certifications: OSCP, CISSP, CEH
• 4+ years of experience architecting, securing, and operating Amazon Web Services

Responsibilities

• Advanced Programming & Automation Python Proficiency: Build performant, concurrent backend services, APIs, and sophisticated automation scripts to power our security platforms.
• Data Proficiency: Design, implement, and optimize data storage and retrieval in SQL databases, including PostgreSQL and Snowflake.
• Operational Scripting: Expert-level Bash/Shell scripting for deep pipeline integration and automating complex operational workflows.
• Distributed Systems: Apply strong troubleshooting and debugging skills across complex, distributed architectures to ensure high availability of security services.
• Secrets Discovery & Prevention Strategy Tooling Excellence: Configure, scale, and operationalize industry-leading secrets detection tools (e.g. TruffleHog, Gitleaks ) across the entire codebase and Infrastructure-as-Code (IaC) repositories.
• Shift-Left Implementation: Design and implement developer-facing prevention mechanisms, including pre-commit and pre-receive hooks , to stop credential leaks before they reach the server.
• Continuous Improvement: Monitor detection efficacy and refine rulesets to minimize false positives while maximizing coverage.
• Strategic Initiative & Project Delivery End-to-End Ownership: Drive complex technical initiatives from ideation to full delivery, leveraging a deep understanding of cybersecurity practices and software engineering principles.
• Agile Execution: Navigate high-visibility, high-impact enterprise projects using Agile frameworks , ensuring superior results across planning, development, testing, and deployment.
• Requirement Management: Lead the technical requirements gathering and design phases for large-scale security solutions that impact cross-functional teams.
• Leadership, Influence & Stakeholder Engagement Collaborative Partnerships: Foster open, productive relationships with internal technology groups, stakeholders, and external vendors.
• Executive Communication: Translate complex technical data into clear, actionable insights for diverse audiences, including the ability to influence leadership decisions.
• Cross-Team Alignment: Author high-quality Technical Design Documents (TDDs) for new features and platform integrations to ensure technical clarity across the organization.
• DevSecOps Empathy & Mindset Product-Focused Security: Approach security tooling with a "Developer Experience" ( DevEx ) first mindset. The secure workflow must be the easiest workflow.
• Operational Excellence: Participate in and manage on-call rotations, maintaining a high standard of reliability for the tools you build.
• Cultural Catalyst: Act as a champion for security, fostering rapid adoption of tools by reducing friction for engineering teams.

Benefits

• Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being.
• Learn more at the Capital One Careers website .
• Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.