CrawlJobs Logo

Senior Lead Information Security Office Consultant

United States, McLean Employment contract 229900.00 - 262400.00 USD / Year · Job Posted May 15, 2026
Apply Position
Job Link Share

Job Description

As a Senior Lead Consultant in Capital One’s Cyber Information Security Office (ISO), you will work closely with our cybersecurity team and with extended technical teams to manage and improve the cybersecurity posture specifically related to Card Servicing & Commercial Card Portfolio. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. Security is essential to what we do here, from protecting our customers to our associates.

Job Responsibility

  • Act as a central Information Security point of contact for a portfolio of customer servicing technology assets
  • Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management
  • Serve as an expert in Capital One’s Information Security capabilities, solutions, policies, procedures and standards
  • Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes
  • Escalate and manage cyber security risk
  • Provide ad hoc support on special Information Security hot topics for the business
  • Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment
  • Work with line of business leadership to anticipate their objectives and needs to better serve the line of business

Requirements

  • High School Diploma, GED or equivalent certification
  • At least 6 years of experience working in cyber security or information technology
  • At least 5 years of experience providing guidance and oversight of cyber security concepts
  • At least 4 years of experience performing cyber security risk assessments and cyber security architecture reviews
  • At least 4 years of experience with architecture, software design, networking or cloud infrastructure

Nice to have

  • Bachelor’s Degree
  • 7+ years of experience with Architecture, software design, networking or Cloud infrastructure
  • 6+ years of experience in securing a public cloud environment (AWS, GCP, or Azure)
  • 2+ years of experience utilizing Agile methodologies
  • 2+ years of experience in Financial Services
  • 2+ years of experience in web application security
  • AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP)

What we offer

  • Performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Lead Information Security Office Consultant

8 matching positions

Senior Lead Information Security Office Consultant

At Capital One, you will help consult on initiatives, programs, and projects to ...
Location
Location
United States , Plano, Texas; McLean, Virginia
Salary
Salary:
Not provided
capitalone.com Logo
Capital One
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High School Diploma, GED or equivalent certification
  • At least 6 years of experience working in cybersecurity or information technology
  • At least 5 years of experience providing guidance and oversight of cybersecurity concepts
  • At least 5 years of experience performing security risk assessments or security architecture reviews
  • At least 5 years of experience with architecture, software design, networking, or cloud infrastructure
  • At least 4 years of experience with cloud security engineering
  • At least 4 years of experience in securing a public cloud environment
Job Responsibility
Job Responsibility
  • Act as a central Information Security point of contact for the Data Protection Service, Endpoint Security and Cyber Intelligence services
  • Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management
  • Serve as an expert in Capital One’s Information Security capabilities, solutions, policies, procedures and standards
  • Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes
  • Escalate and manage cyber security risk
  • Provide ad hoc support on special Information Security hot topics for the business
  • Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment
  • Work with line of business leadership to anticipate their objectives and needs to better serve the line of business
What we offer
What we offer
  • Performance based incentive compensation which may include cash bonus(es) and/or long term incentives (LTI)
  • Health, financial and other benefits that support your total well-being
  • Fulltime
Read More
Arrow Right

Senior Manager, Information Security Office (AI) Consultant

At Capital One, the AIML Division is working to bring the transformative power o...
Location
Location
United States , McLean; Plano; Richmond; New York
Salary
Salary:
209000.00 - 286200.00 USD / Year
capitalone.com Logo
Capital One
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High School Diploma, GED or equivalent certification
  • At least 6 years of experience working in cybersecurity or information technology
  • At least 5 years of experience providing guidance and oversight of cyber security concepts
  • At least 5 years of experience performing cyber security risk assessments or cyber security architecture reviews
  • At least 4 years in securing a public cloud environment
  • At least 3 years of experience with API security, observability, cloud access control and privacy best practices
Job Responsibility
Job Responsibility
  • Lead the development of secure, enterprise grade AI/ML and agentic AI solutions
  • Establish Ai-First SDLC practices and build scalable platforms
  • Design and implement security controls for AI/ML systems, including LLM applications
  • Conduct threat modeling, risk assessments and security reviews using frameworks such as NIST AI RMF, OWASP, and MITRE ATLAS
  • Define and enforce AI Model guardrails, safety standards, and governance policies
  • Identify and mitigate risk in open -source AI ML models
  • Build and scale processes for AI security testing, monitoring and stress validation
  • Partner with engineering, research, and security teams to deliver secure and compliant AI solutions
  • Advise senior leadership on AI cybersecurity risks, strategy, and regulatory considerations
  • Drive continuous improvement through vulnerability assessments, risk remediation, and security innovation
What we offer
What we offer
  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits
  • Fulltime
Read More
Arrow Right

Senior Security Consultant

We have an exciting opportunity for a Senior Security Consultant to join our gro...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience of designing, leading and delivering cyber governance, risk and assurance outcomes
  • Strong knowledge of recognised cyber security frameworks and standards, including ISO/IEC 27001, NIS Directives, NIST, and UK Government Functional Standards
  • Experience aligning security controls to MOD requirements such as DEFSTAN 05-138, JSP 440, JSP 604 and Defence Cyber Resilience policies
  • Experience applying UK Government security and assurance frameworks, including GovAssure, the Cyber Assessment Framework (CAF), Defence Cyber Certification (DCC) and Government Standard (GovS) 007
  • Relevant academic or professional qualifications, such as, an MSc in cyber security or related specialism, Cyber Essentials Assessor, Cyber Assurance Assessor, CISM, CISSP, PCIRM or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Hold, or are actively working towards, Principal or Chartered Cyber Security Professional (ChCSP) status
  • Eligible to work in the UK and able to obtain and maintain UK security clearances
  • Flexibility to work from home, FSP office locations or at times visit client sites
Job Responsibility
Job Responsibility
  • Lead cyber governance, risk and compliance engagements, applying strong knowledge of cyber threats, risks, controls and mitigations to deliver effective security outcomes
  • Engage with clients to understand their threat landscape and business context, conducting risk and compliance assessments against recognised frameworks (e.g. ISO 27001, NIST, SOC 2)
  • Design, review and advise on the implementation and adoption of information security policies, standards, procedures and frameworks
  • Lead cyber and third-party risk assessments, evaluate supplier security posture, and provide risk-based recommendations for supplier selection and oversight
  • Identify control gaps, document findings, and track remediation activities to support assurance and audit outcomes
  • Produce clear, concise risk and compliance reports for executive and C-suite stakeholders, including prioritised mitigation strategies and improvement roadmaps
  • Contribute to thought leadership and continuous improvement by staying current with industry developments and sharing knowledge across the cyber security community
  • Demonstrate strong communication, stakeholder management and mentoring skills, upholding the highest standards of integrity and professionalism
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Plus the excellent benefits package we offer at FSP
  • Fulltime
Read More
Arrow Right
New

Cybersecurity - Senior Information System Security Manager

At Boeing, we innovate and collaborate to make the world a better place. We’re c...
Location
Location
United States , Berkeley; Hazelwood
Salary
Salary:
161500.00 - 218500.00 USD / Year
boeing.com Logo
Boeing
Expiration Date
July 14, 2026
Flip Icon
Requirements
Requirements
  • Successfully completed Tier 5 Investigation (T5), formerly known as a Single Scope Background Investigation (SSBI) by the federal government within the last 5 years, or requires candidate to have been enrolled in a Continuous Vetting program within the last 5 years
  • Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM)
  • 10+ years of combined experience and education in IT, cybersecurity, or related fields
  • 5+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
  • 5+ years of experience with cybersecurity leadership overseeing programs and teams, authorizing risk decisions, coordinating stakeholders, and improving security and compliance
  • 5+ years of experience communicating complex technical risks, translating impact, and advising senior leaders
  • Experience with Risk Management Framework (RMF) and with cybersecurity policies and RMF implementation (e.g., DAAG, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series)
Job Responsibility
Job Responsibility
  • Oversee the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures (multiple locations)
  • Manage assigned team to facilitate effective execution of Risk Management Framework (RMF) through organization and execution of the Responsible, Accountable, Consulted and Informed model and other methods
  • Provide assignment, guidance and coaching to support the team within Information Security
  • Communicate with security assessors and program office personnel to ensure requirements are tracked and followed
  • Manage and perform security compliance continuous monitoring
  • Oversee and participate in security assessments and audits
  • Prepare, review, and present technical reports and briefings
  • Identify root causes, prioritize threats and recommend and/or implement corrective action
  • Explore the enterprise and industry for evolving state of industry knowledge and methods regarding information security best practices and cloud methodologies
  • Lead development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple stakeholder organizations
What we offer
What we offer
  • Health insurance
  • Flexible spending accounts
  • Health savings accounts
  • Retirement savings plans
  • Life and disability insurance programs
  • Paid and unpaid time away from work
  • Generous company match to your 401(k)
  • Industry-leading tuition assistance program pays your institution directly
  • Fertility, adoption, and surrogacy benefits
  • Up to $10,000 gift match when you support your favorite nonprofit organizations
  • Fulltime
Read More
Arrow Right

India Cyber Controls Lead - Senior Vice President

The India Cyber Controls Lead (CCL) is a senior management level position respon...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of relevant experience
  • Demonstrable information security risk knowledge based on working in similar environments and situations
  • Excellent verbal and written communication skills and ability to comfortably interact with senior management as well as external agencies and regulators
  • Advanced Microsoft Office skills
  • Demonstrated ability to collaborate with a variety of analytical groups and service delivery organizations
  • Advanced analytical and problem solving skills
  • Consistently demonstrates clear and concise written and verbal communication
  • Proficient in interpreting and applying policies, standards and procedures
  • Demonstrated ability to remain unbiased in a diverse working environment
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Manage a large/complex team or multiple teams, overseeing resources, budget, policy formation and short to medium term planning
  • Manage and support risk and control programs for the organization including working with global teams to effectively deliver quality information security services to businesses in India
  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Perform Business Consulting Activities on IS topics, and ensure Information Security Officer (ISO) consulting services are performed
  • Conduct cost-benefit analysis to justify IS investment, and build the IS team by promoting partnerships, and marketing IS developments
  • Partner with Global Information Security Officers and Global Information Security Program Managers to improve processes and reduce risk
  • Ensure risks are identified, assessed, mitigated and controlled, and assist Security Incident Response Teams as the Business IS Consultant
  • Ensure Control Preparedness and control effectiveness, as part of the Audit preparedness exercise, ensuring IS programs are audit ready
  • Manage critical regulatory interactions and assessments making optimum use of available resources
  • Ensure CISO presence in appropriate country forums and conduct regulatory required meetings and discussions
  • Fulltime
Read More
Arrow Right

Senior Consultant - AI & Infra

Microsoft Industry Solution - Global Center for Innovation and Delivery (GCID) d...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 9+ years of overall IT industry experience with at least 5+ years of handson expertise in Azure Infrastructure architecture, design, and operations.
  • Bachelor’s degree in computer science, Engineering, or equivalent professional experience
  • advanced technical certifications or higher education preferred.
  • Mandatory Microsoft Azure Administrator certification (AZ104)
  • Azure Solutions Architect Expert (AZ305) highly preferred.
  • Terraform Associate certification strongly valued, with proven experience in InfrastructureasCode (IaC) automation.
  • Cloud AI certification such as Microsoft Azure AI Fundamentals (AI‑900) or equivalent is a strong advantage, with practical understanding of AI/ML workloads on cloud platforms.
  • Experience across both application architecture and cloud infrastructure domains, with the ability to bridge development and operations teams effectively.
  • Professional certifications in Delivery Management methodologies (Scrum, Agile, ITIL, Change/Project Management) considered a strong advantage.
  • Proficiency in Python for automation, AI integration, and scripting across infra workflows
Job Responsibility
Job Responsibility
  • As a full Stack Infrastructure Consultant, design, build, and optimize endtoend cloud and onpremises infrastructure solutions, ensuring secure, scalable, and highperforming environments across the entire technology stack.
  • Collaborate with the customer/partner team of Chief Information Officers (CIOs), other C-level executives, and technical and business decision-makers to align customer vision with solutions.
  • Manages risk and Services business goals within engagements.
  • Responsible for technical quality assurance, identification, and mitigation of technical risk across customer or partner deliverables delivery technology strategy aligned solutions
  • Applies technical experience and industry-specific knowledge to develop solutions, based on an analysis of how the proposed approach affects the business objectives of customers and partners.
  • Applies information-compliance and assurance policies to ensure stakeholder confidence.
  • Identifies new processes and innovations to help customers or partners build and accelerate capabilities by using Microsoft technologies.
  • Identifies the best practice approach for a project, across a wide scope of technical issues, and develops or reuses intellectual capital with customers, world-wide, and for programs and initiatives across Microsoft.
  • Defines engagements and opportunities to use Intellectual Property (IP) and address product gaps, while leveraging existing IP and community resources to ensure consistency and improve predictability.
  • Drives new ways of thinking, across the division and subsidiary, to improve quality, engineering productivity, and responsiveness to feedback and changing priorities.
  • Fulltime
Read More
Arrow Right

Senior Lead Secure by Design

We are seeking a Secure by Design professional to lead technically orientated se...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive professional experience in information technology and cyber security, with strong capability in securing Office IT products and services
  • Demonstrated expertise with Microsoft technologies, including O365 Security & Compliance, Copilot, Microsoft Defender, Azure and cloud productivity ecosystems
  • Strong understanding of AI security and governance, including LLM risk management, prompt security and secure enterprise AI deployment
  • Solid background in enterprise risk management across cloud, Office IT and AI-related environments
  • Proficient in agile ways of working, modern cloud service consumption models and identity management in collaboration ecosystems
  • Ability to communicate complex technical matters to diverse non‑technical business stakeholders clearly and effectively
  • Holds relevant qualifications such as CISSP, CISM, CISA, CRISC, ISO 27001 LA, GIAC, TOGAF or SABSA
  • Minimum 5 years of experience in cyber security, 10+ years with Microsoft Office 365 and related services, and 5+ years in cloud security
Job Responsibility
Job Responsibility
  • Deliver technically focused security assessments for OIT products and services, ensuring alignment to secure by design principles
  • Define, communicate and oversee implementation of security requirements for new and existing services
  • Provide expert security design consultancy to architecture, delivery and operational teams across markets and group entities
  • Evaluate risks and compliance status of Office IT products, cloud services and AI-driven platforms, ensuring mitigation to acceptable levels
  • Guide suppliers and third parties in meeting Vodafone’s security expectations and standards
  • Support agile teams by coaching Security Champions and managing external security consultancy resources
  • Influence a collaborative approach that positions security as a business enabler
What we offer
What we offer
  • Opportunity to influence global cyber security practices across multiple markets and functions
  • Work on cutting-edge technologies including cloud, AI and enterprise collaboration platforms
  • Exposure to cross-functional global teams and high-impact security governance
  • Ability to shape secure solutions for products used by millions globally
Read More
Arrow Right

Director of Information Security

The Director of Information Security is responsible for the design, development ...
Location
Location
United States , Mesa
Salary
Salary:
Not provided
verramobility.com Logo
Verra Mobility
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree from an accredited university
  • 10 years of progressive technology experience
  • Minimum of 5 years of experience in a cybersecurity engineering or architecture leadership role
  • The ability to motivate and lead a team of cybersecurity staff
  • Articulate with strong business acumen and executive presence
  • Foster and build a collaborative working relationship with various stakeholders
  • Expert in information security management, and business risk management
  • Ability to develop and maintain relationships with senior leaders at Verra Mobility and with customers, up to and including C-level executives
  • Must be adept at developing senior management presentations, enterprise communications, and whitepapers
  • Must be proficient in leading cross-functional teams of senior employees to achieve objectives
Job Responsibility
Job Responsibility
  • Responsible for the planning, design and implementation of security measures created to safeguard access to resources, enterprise networks, computer systems, and data elements
  • Setting the strategy for the enterprise cybersecurity solutions
  • Configure, deploy, fine tune, and monitor SIEM, WAF, Firewall, Zero-Trust, IAM, MFA, EPP, SOAR, Vulnerability Management, Threat Intelligence, DLP, CASB, Secure Web & Email Gateway
  • Stay abreast of industry best practices in risk management techniques and integrate new methods and tools as appropriate
  • Monitor vendor and third-party security reports/lists and proactively patch vulnerabilities
  • Work with business line executives to provide visibility into the security risks with a standard risk management approach to track, mitigate and report on the risks
  • Engage with internal and external partners to help design, test, and implement state-of-the-art secure operating systems, applications, networks, and database products/solutions
  • Lead and participate in security operations support and incident management
  • Oversee individual contributors such as security engineers to provide them with clear vision and goals so that cybersecurity is seen as an integral component of enterprise architecture and portfolio management
  • Serve as the cybersecurity subject matter expert by providing guidance and consulting services to IT teams and business units
  • Fulltime
Read More
Arrow Right