CrawlJobs Logo

Vulnerability Remediation Manager, Security Testing Service

capitalone.com Logo

Capital One

Location Icon

Location:
United States , McLean

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

147100.00 - 201400.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Security is essential to what we do at Capital One, from protecting customer data to the associate experience. As a Cyber Remediation Manager within the Security Testing Service, you see security as an enabler and differentiator to empower the business through innovation. You partner with the business, understanding their goals and objectives while helping teams incorporate cybersecurity best practices. You will consult on initiatives, programs, and projects to prioritize security risk reduction activities. You are pragmatic and practical in your understanding of software development and IT operations, and familiar with Capital One’s cybersecurity objectives. Using this knowledge, you collaborate and innovate with customers and colleagues to enhance the technology risk posture.

Job Responsibility:

  • Serve as an Cyber Security Remediation subject matter expert
  • Collaborate with a team of Information Security professionals to provide subject matter expertise to business project & engineering teams
  • Evaluate the status of Cyber control programs through analysis of information security metrics
  • Articulate operations, compliance, and cybersecurity objectives for business leadership to inform prioritized risk reduction
  • Effectively communicate the impact of operations, compliance, and cybersecurity gaps to multiple audiences, encouraging remediation activities to enhance their cybersecurity posture
  • Lead activities in response to large-scale enterprise remediation efforts

Requirements:

  • High School Diploma, GED, or equivalent certification
  • At least 4 years of experience with vulnerability identification and management
  • At least 4 years of experience with IT operations
  • At least 4 years of experience with technology or cyber security risk management frameworks

Nice to have:

  • CISSP, CEH, AWS Cloud Practitioner or AWS Certified Solutions Architect Associate certification
  • Experience with monitoring, gathering, and assessing artifacts as part of continuous security monitoring (C&A, PO&AM, NIST 800-37)
  • Experience in operational compliance or IT audit
  • Experience as a Systems Administrator or Network Administrator
  • Experience with Static and Dynamic Application Security Testing, scanning tools and processes
  • Experience utilizing Agile methodologies
What we offer:
  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being

Additional Information:

Job Posted:
February 19, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Capital One - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Vulnerability Remediation Manager, Security Testing Service

Security Engineer II

The Security Engineer II is an individual contributor who will participate and m...
Location
Location
United States , Fountain Valley
Salary
Salary:
83940.00 - 120032.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience
  • Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management
  • Experience in medium to complex computing environments, with advanced knowledge in security technologies and services
  • Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention/Detection
  • Virtual Private Networks
  • SSL, IPSec, and Site-to-Site
  • Enterprise-Class Stateful Inspection Firewalls
  • Network Access Controls in context to Identity Management
  • Windows Server OS & Desktop OS
  • Network Packet Inspection
Job Responsibility
Job Responsibility
  • Design, build, test, and deploy new security technologies, which include the development of the operational manual and run books
  • Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
  • Investigates, recommends, evaluates, deploys, and integrates operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure
  • Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications
  • Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness
  • Oversees the installation, configuration, and supportive processes of security technologies
  • Participate in or lead the Incident Response activities
  • Interacts with internal and external clients on security operations requirements, identifies security processes, and develops strategies/solutions to security issues
  • Keeps fully abreast of trends and changing technologies as they relate to IT, Network Engineering, and Information Security fields
  • Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
  • Fulltime
Read More
Arrow Right

Product Security Engineer

At Atlassian, we're motivated by a common goal: to unleash the potential of ever...
Location
Location
United States , San Francisco
Salary
Salary:
150700.00 - 206000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Cybersecurity or related field
  • 24 months of experience working as Application Security Engineer, Product Security Engineer, or Penetration Tester
  • experience in application security tooling such as BurpSuite Pro, Postman, Docker, Command Line Interface (CLI) tools, Nmap, and Metasploit
  • understanding and coding common programming languages such as Java, Python, or Go
  • penetration testing, vulnerability assessment, composing and generating vulnerability reports
  • administering and managing Jira project
  • data analysis and data visualization tooling such as Tableau and Databricks
  • code versioning tools such as Bitbucket Cloud and GitHub
  • must pass technical interview
Job Responsibility
Job Responsibility
  • Evaluate submissions from security researchers to bug bounty program, assess the impact of each vulnerability, and communicate with the researcher community to help obtain additional details that may be helpful to engineering teams as they work to remediate the issues
  • drive improvement to the policies, processes, and automation to make bug bounty programs effective and ensure to get the most accurate information about each vulnerability to the proper engineering team as quickly as possible
  • work on vulnerability management improvements on processes, policies and standards
  • make sure the company's products and services are safe and secure, the internal vulnerability management workflow is accurate and up to date
  • identify vulnerabilities at scale and help engineering teams systematically remediate them
  • work on securing open-source supply chain
  • interact with some of the world’s leading security researchers through bug bounty program
  • build cutting edge tools to help identify and remediate vulnerabilities at scale
  • work with web application security and a strong ability to work with colleagues to develop and build solutions to help us scale in order to be successful in this role
  • read and write code
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Senior Product Security Engineer

Join our Product Security team, where you'll partner with development and game t...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right

Information Security Officer

The Information Security Officer is a senior leadership role responsible for ove...
Location
Location
Portugal , Lisbon; Oporto; Madrid; Barcelona
Salary
Salary:
Not provided
https://www.tui.com Logo
TUI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced authentic leader with a good understanding of technology and managing Information Security risks in the enterprise
  • Passionate about Information Security, delivering business value and driving continuous improvement
  • Strong people leadership skills and experience in building a positive enabling security culture based on trust, quality and pragmatic risk management
  • Great communicator and influencer comfortable working across hierarchical, organisational, cultural and market boundaries
  • Experience of managing teams, mentoring and developing security talent from different cultural backgrounds
  • Professionally qualified holding a recognised security accreditation (CISSP/CISM/CISA etc.,) or equivalent experience with demonstrable Continuous Professional Development
  • Maintain a good understanding of latest security threats and the mitigating strategies
  • Ability to provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards
  • Experience of the implementation, operation and maintenance of an Information Security Management framework such as ISO27001 or NIST CSF
  • Good understanding of integrating security into software or product development lifecycle and cloud security
Job Responsibility
Job Responsibility
  • Promote and inspire a security first culture at TUI
  • Direct the development, implementation, delivery and support of an enterprise Information Security strategy aligned to the strategic requirements of the business
  • Lead the provision of Information Security resources expertise, guidance and systems necessary to execute strategic and operational plans across all of the organisation’s information systems
  • Ensure that each Domain is motivated and empowered to deliver the prioritised roadmap
  • Protect the TUI brand and its customers, detect and respond to incidents, strengthen defences, reduce the attack surface and secure behaviours
  • Drive adoption of and adherence to security policies, standards and controls through the provision of expert advice and guidance
  • Protect our most critical assets and ensure appropriate assurance and rigorous testing is in place
  • Ensure security incidents are managed effectively through engagement with the security operations team, and that lessons learned and audit findings are remediated
  • Ensure effective security operations (e.g. vulnerability scanning, patching)
  • Protect the integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit
What we offer
What we offer
  • Attractive remuneration, bonus opportunity, exclusive travel perks & discounts, extensive health & wellbeing support
  • Flexible working: hybrid or remote working models
  • Opportunities to upskill, reskill and grow your career
  • Access the TUI Tech Learning Hub to level-up and reach your ambitions
  • Participate in our tech communities and collaborate on global projects and teams
  • Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community
  • Fulltime
Read More
Arrow Right

Senior Product Security Engineer

Ready to make an impact on the security of products from the ground up? Join our...
Location
Location
United States , Austin
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines to ensure seamless and secure software delivery
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
  • Travel: No routine travel required
  • occasional travel as needed.
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks.
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision, 401(k) with company match, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
  • Fitness allowance, employee discount programs, discounted games & events and stocked pantries.
  • Fulltime
Read More
Arrow Right

Security Analyst

WiseTech Global is a world-leading software company building software for the gl...
Location
Location
United States , Chicago
Salary
Salary:
75000.00 - 95000.00 USD / Year
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Min 6 years' experience in a similar Cyber Security role
  • Working knowledge of security frameworks, policies and standards such as ISO27001, PCI DSS, Essential Eight, NIST CSF, and MITRE ATT&CK and applying them into operational context
  • Experience with cloud-based services and technologies
  • Ability to detect and defend against commonly-used attack tactics, techniques and procedures (TTPs) against known attack surfaces such as identity, email, endpoint, network and cloud
  • Passionate about growth and learning
  • A background prior to security in IT support/infrastructure would be advantageous (e.g. servers, networking protocols, security controls, O365/Azure)
  • First-hand experience with SIEM platforms, enterprise intrusion prevention systems, endpoint detection and response tools, and other security products
  • Able to communicate effectively in verbal and written format with technical and non-technical audiences
  • Ability to effectively plan, schedule and adapt to changing priorities, tasks and requirements to meet deadlines
  • Ability to work under pressure and at times with limited supervision
Job Responsibility
Job Responsibility
  • Analyze, review and respond to security alerts, events including triaging and advising on mitigation activities
  • Investigate security incidents and breaches to identify root causes and recommend improvements
  • Engage in testing and monitoring the performance of systems and services, making sure that security requirements are met
  • Maintain strong working relationships, work collaboratively, and share ideas, knowledge and experience with team members as required
  • Assist in continuously updating the company’s security incident, data breach response and disaster recovery plans
  • Undertake threat detection practices
  • Undertake security hardening support practices with teams
  • Vulnerability management to analyze findings from vulnerability reports, assist with risk assessments on the vulnerabilities and coordinate remediation and patching activities with system owners
  • Taking on a wide variety of security operations tasks on an as needed basis
Read More
Arrow Right
New

IT Security Engineer

At Phiillips & Cohen Associates, we are dedicated to excellence in the Banking &...
Location
Location
United Kingdom , Salford
Salary
Salary:
50000.00 - 55000.00 GBP / Year
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience as a Security Engineer, preferably within the Banking & Financial Services industry
  • Strong understanding of network security protocols, encryption technologies, and security frameworks
  • Experience with security tools such as SIEM, IDS/IPS, firewalls, endpoint protection, and vulnerability scanners
  • Familiarity with industry regulations and standards including GDPR, PCI DSS, ISO 27001, and FCA compliance
  • Relevant certifications advantageous, such as CISSP, CISM, CEH, or CompTIA Security+
  • Excellent analytical and problem-solving skills with a detail-oriented mindset
  • Strong communication skills, able to explain complex security concepts to non-technical stakeholders
  • Degree in Computer Science, Information Security, or a related field is preferred
Job Responsibility
Job Responsibility
  • Secure Development Lifecycle (SDLC): Integrate security tools and processes into the CI/CD pipelines (DevSecOps), ensuring security is "shifted left"
  • Vulnerability Management: Manage and execute Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) on proprietary applications
  • Remediation & Guidance: Act as the primary security resource for development teams, providing technical advice on vulnerability fixes and secure coding practices (e.g., adherence to the OWASP Top 10)
  • Threat Modelling: Conduct formal threat modelling exercises for new features and application architectures to proactively identify and mitigate design flaws
  • Secure Baselines: Define, implement, and audit secure configuration standards for all corporate systems, including servers (Windows/Linux), cloud resources (AWS, Azure), and critical databases, ensuring compliance with CIS Benchmarks or equivalent standards
  • Endpoint Security: Deploy, manage, and optimize Endpoint Detection and Response (EDR) solutions and host-based firewalls to enhance visibility and defensive capabilities
  • Identity & Access Management (IAM): Engineer and govern the secure configuration of IAM services, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Privileged Access Management (PAM) tools
  • Patch & Vulnerability Management: Oversee the technical operation of the enterprise vulnerability scanning program, working with IT Operations to prioritize and track remediation of system and software vulnerabilities
  • Firewall Management: Design, implement, and maintain complex rule sets and policies on Next-Generation Firewall (NGFW) platforms, managing network segmentation, site-to-site VPNs, and secure remote access
  • Intrusion Detection/Prevention (NIPS): Configure and tune Network Intrusion Prevention Systems (NIPS) and Intrusion Detection Systems (IDS) to actively block and alert on malicious network traffic and policy breaches
What we offer
What we offer
  • Competitive salary package reflecting your skills and experience
  • Comprehensive pension scheme to support your future
  • Generous annual leave entitlement plus bank holidays
  • Opportunities for professional development and certifications
  • Supportive and inclusive working environment focused on career growth
  • Employee assistance programme and wellbeing initiatives
  • Access to cutting-edge technology and tools within a leading financial services firm
  • On-site parking
  • Fulltime
Read More
Arrow Right

Information Security Officer

TUI Group is the world’s number one integrated tourism business. The Security Do...
Location
Location
Portugal , Lisbon; Oporto
Salary
Salary:
Not provided
https://www.tui.com Logo
TUI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • An experienced authentic leader with a good understanding of technology and managing Information Security risks in the enterprise
  • Passionate about Information Security, delivering business value and driving continuous improvement
  • Strong people leadership skills and experience in building a positive enabling security culture based on trust, quality and pragmatic risk management
  • Great communicator and influencer comfortable working across hierarchical, organisational, cultural and market boundaries
  • Experience of managing teams, mentoring and developing security talent from different cultural backgrounds
  • Professionally qualified holding a recognised security accreditation (CISSP/CISM/CISA etc.,) or equivalent experience with demonstrable Continuous Professional Development
  • Maintain a good understanding of latest security threats and the mitigating strategies
  • Ability to provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards
  • Experience of the implementation, operation and maintenance of an Information Security Management framework such as ISO27001 or NIST CSF
  • Good understanding of integrating security into software or product development lifecycle and cloud security
Job Responsibility
Job Responsibility
  • Promote and inspire a security first culture at TUI
  • Direct the development, implementation, delivery and support of an enterprise Information Security strategy aligned to the strategic requirements of the business
  • Lead the provision of Information Security resources expertise, guidance and systems necessary to execute strategic and operational plans across all of the organisation’s information systems
  • Ensure that each Domain is motivated and empowered to deliver the prioritised roadmap
  • Protect the TUI brand and its customers
  • Detect and respond to incidents, strengthen our defences, reduce the attack surface and secure our behaviours
  • Drive adoption of and adherence to security policies, standards and controls through the provision of expert advice and guidance
  • Protect our most critical assets and ensure appropriate assurance and rigorous testing is in place
  • Ensure security incidents are managed effectively through engagement with the security operations team, and that lessons learned and audit findings are remediated
  • Ensure effective security operations (e.g. vulnerability scanning, patching)
What we offer
What we offer
  • Attractive remuneration
  • Bonus opportunity
  • Exclusive travel perks & discounts
  • Extensive health & wellbeing support
  • Flexible working
  • Opportunities to upskill, reskill and grow your career
  • Access the TUI Tech Learning Hub
  • Participate in tech communities and collaborate on global projects and teams
  • Get involved with local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy