Information Security Office Consultant

Social network you want to login/join with:

Client: Capital One

Location: London, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Reference: 8bfcb836c20b

Job Views: 11

Posted: 26.04.2025

Expiry Date: 10.06.2025

White Collar Factory (95009), United Kingdom, London, London. Information Security Office Consultant

Security is integral to our culture at Capital One. It is essential for maintaining our industry leadership, and every employee is responsible for safeguarding information, preventing unauthorized access, and ensuring regulatory compliance. Information Security impacts privacy, consumer confidence, external reputation, and is a priority for all.

Capital One's mission is to change banking for good by bringing humanity, ingenuity, and simplicity to banking. The successful candidate will join the Information Security Office (ISO) for the UK Division.

You will consult on initiatives, programs, and projects to enhance Information Security. You should be pragmatic about risk and security, willing to escalate issues when necessary, and collaborative in your approach. Familiarity with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Management is required, along with understanding different Cloud models such as IaaS, PaaS, and SaaS.

Security is crucial in protecting our customers and staff.

The role involves collaboration within the UK and with North American teams supporting global cybersecurity initiatives.

1. Serve as the main contact for your business line within Capital One’s Information Security Office.
2. Provide proactive consulting on Cloud, Infrastructure Security, Data Security, and User Access Management.
3. Influence stakeholders through threat modeling to integrate security early in development.
4. Help identify, manage, and reduce cybersecurity risks.
5. Deliver secure, robust solutions in an agile environment.
6. Mentor application owners and delivery teams.
7. Define and communicate compliance and risk management standards clearly to the business.
8. Support Cloud Productivity Engineering teams with cybersecurity advice on information architecture and data management.
9. Become an expert in Capital One’s security policies, solutions, and standards.
10. Manage and escalate cybersecurity risks as needed.

• Ability to communicate complex information clearly to senior leadership and peers.
• Strong analytical skills and a proactive approach to challenging the status quo.
• Understanding of strategic business objectives with results-driven focus.
• Effective engagement with diverse roles, including management and vendors.
• Passion for securing modern computing platforms.
• Experience or certification in AWS cloud technologies.
• Desire to thrive in a fast-paced, modern environment.
• Continuous learning mindset about new technologies.
• Ability to work independently and navigate ambiguity.
• Calmness and confidentiality under pressure.
• Strong communication skills.

• Security architecture and consultancy experience.
• Experience in regulated environments like finance.
• Cloud Security: AWS, Salesforce, SaaS.
• Implementing security solutions for cloud transformation, data management, storage.
• Threat modeling using MITRE ATT&CK/STRIDE.
• Application Security (OWASP Top 10).
• Software Security Architecture.
• Integrating SaaS into enterprise environments.
• Agile methodologies.
• Regulatory standards: PCI DSS, GDPR, PSD2.
• Information Assurance frameworks.
• Risk analysis, assessment, and mitigation.

This is a permanent role based in London or Nottingham. Our hybrid model allows working from home and office, typically with in-office days on Tuesdays, Wednesdays, and Thursdays, depending on work needs and team patterns. Flexible arrangements are available.

• Contribute to organizational transformation and career growth.
• Access to training programs and external development opportunities.
• Comprehensive benefits including pension, bonus, holidays, private medical insurance, and flexible benefits.
• Modern workspaces with amenities, including gyms, restaurants, and relaxation areas.

We value diversity and inclusion, partnering with organizations like Women in Finance, Race At Work, Stonewall, and upReach. We encourage applications from all backgrounds and provide support for reasonable adjustments during the recruitment process.