Senior Cyber Technical Engineer

Senior Cyber Technical Engineer Do you thrive on outsmarting vulnerabilities and engineering defense-in-depth at scale? At Capital One, weu2019re looking for security-focused pioneers to join a team of disruptors dedicated to protecting our software supply chain. We are seeking Cyber Technical Engineers to build automated, enterprise-grade guardrailsu2014specifically focusing on advanced secrets scanning solutions and third-party JavaScript analysisu2014to secure our software supply chain against emerging threats. If youu2019re passionate about treating security as code and want to lead a major transformation in how we proactively defend our digital perimeter, we want to meet you. General Responsibilities: 1. Advanced Programming & Automation + Python Proficiency: Build performant, concurrent backend services, APIs, and sophisticated automation scripts to power our security platforms. + Data Proficiency: Design, implement, and optimize data storage and retrieval in SQL databases, including PostgreSQL and Snowflake. + Operational Scripting: Expert-level Bash/Shell scripting for deep pipeline integration and automating complex operational workflows. + Distributed Systems: Apply strong troubleshooting and debugging skills across complex, distributed architectures to ensure high availability of security services. 2. Secrets Discovery & Prevention Strategy + Tooling Excellence: Configure, scale, and operationalize industry-leading secrets detection tools (e.g., TruffleHog, Gitleaks ) across the entire codebase and Infrastructure-as-Code (IaC) repositories. + Shift-Left Implementation: Design and implement developer-facing prevention mechanisms, including pre-commit and pre-receive hooks , to stop credential leaks before they reach the server. + Continuous Improvement: Monitor detection efficacy and refine rulesets to minimize false positives while maximizing coverage. 3. Strategic Initiative & Project Delivery + End-to-End Ownership: Drive complex technical initiatives from ideation to full delivery, leveraging a deep understanding of cybersecurity practices and software engineering principles. + Agile Execution: Navigate high-visibility, high-impact enterprise projects using Agile frameworks , ensuring superior results across planning, development, testing, and deployment. + Requirement Management: Lead the technical requirements gathering and design phases for large-scale security solutions that impact cross-functional teams. 4. Leadership, Influence & Stakeholder Engagement + Collaborative Partnerships: Foster open, productive relationships with internal technology groups, stakeholders, and external vendors. + Executive Communication: Translate complex technical data into clear, actionable insights for diverse audiences, including the ability to influence leadership decisions. + Cross-Team Alignment: Author high-quality Technical Design Documents (TDDs) for new features and platform integrations to ensure technical clarity across the organization. 5. DevSecOps Empathy & Mindset + Product-Focused Security: Approach security tooling with a

Created: 2026-03-13