Senior Manager, Active Directory Security
Plano, TX

Job Description

Melville 1 (22567), United States of America, Melville, New York

At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Senior Manager, Active Directory Security

Capital One is looking for a Senior Manager, Active Directory Security within the Identity and Access Management organization to lead, manage, and mentor a team of engineers responsible for securing Capital One's enterprise Directory Services environment that includes Active Directory, Azure Active Directory, AWS Microsoft Active Directory, Google Cloud Domain Directory, and LDAP.

Individual must be an experienced people manager and technical expert in Active Directory security, be self-motivated, and be able to work well in a fast paced, results focused, geographically dispersed team environment.

Candidates for this role should have expert level knowledge and experience in securing complex enterprise level Active Directory environments and have a passion for risk assessment and mitigation, learning new technologies, and leading a high performing team of engineers.

This position provides the opportunity to learn and develop new technical skills across multiple cloud directories and environments from AWS, Microsoft, and Google.

Responsibilities:

* Manage a team of engineers responsible for the security of Capital One's enterprise Active Directory environment including on-premise and cloud environments from AWS, Microsoft, and Google


* Provide leadership during the analysis, troubleshooting, and investigation of security related events within the Active Directory platforms


* Recommend information security technologies and procedures by proactively identifying problems and evaluating industry trends


* Ensure the Active Directory roadmap aligns with security initiatives, business needs, and forward looking requirements


* Manage quarterly security audits and ensure the Active Directory environment adheres to security and compliance settings


* Prepare security metrics and socialize to leadership on a monthly basis


* Be the project lead or participate as a team member on certain projects within or across technology and business teams


* Be the product owner for tools such as StealthINTERCEPT and StealthAUDIT to protect the environment and monitor for security breaches, intrusions and irregular system behavior


* Partner with our CyberSecurity organization to translate risks and requirements into implemented technology solutions


* Ensure that Active Directory security aligns with the corporate Information Security Standards and IAM Procedures


* Participate in the evaluation, development, and implementation of security standards and best practices for Active Directory and recommend security enhancements to management as needed


* Educate team members on information security through training and increased awareness



Basic Qualifications:

* Bachelor's degree or military experience


* At least 5 years of hands-on technical experience securing enterprise level Active Directory and Windows environments


* At least 3 years of experience preventing Active Directory credential theft attacks (Pass the Hash, Golden Ticket or lateral movement)


* At least 3 years of experience with Group Policy Objects, Security Log Analysis and Delegation of Permissions


* At least 3 years of experience with DNS, Kerberos, LDAP, SAML and OAuth


* At least 2 years of experience with Active Directory engineering, operational support, and implementation of enterprise solutions


* At least 2 years of people management including building and managing technical teams



Preferred Qualifications:

* Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Technology, or Cyber Security


* 2+ years of experience with Windows Server 2012 or 2016 Active Directory


* 2+ years of experience with StealthINTERCEPT, StealthAUDIT or similar products


* 2+ years of experience with scripting languages such as PowerShell, Python, or VBScript


* 1+ years of experience supporting Active Directory in a cloud hosted environment from AWS, Microsoft, or Google


* 1+ years of experience with cloud-based directories such as Microsoft Azure, AWS Microsoft AD, and Google Cloud Domain Directory


* 1+ years of Agile and ITIL methodologies


* Possess an industry recognized information security certificate such as CISSP, CISM, CEH, or similar



At this time, Capital One will not sponsor a new applicant for employment authorization for this position.