Senior Manager, Data Loss Prevention (DLP)

Capital One
McLean, Virginia
Nov 08, 2021
Dec 06, 2021
Full Time
7900 Westpark Drive (12131), United States of America, McLean, Virginia

Senior Manager, Data Loss Prevention (DLP)

Capital One is hiring a technical Cyber Security professional to join the Data Loss Prevention (DLP) team and work with the line of business stakeholders building DLP policies based on ongoing regulatory requirements and analysis of user business processes and workflows.

You will:
  • Drive DLP program objectives, implement DLP controls, define standards and policies to protect Capital One
  • Work with DLP product team to influence/define product strategy, roadmaps
  • Assess, report on, and make recommendations regarding current and proposed architectures, strategies, and systems in the DLP space
  • Analyze business requirements and provide recommendations for tuning content detection rules to improve accuracy across multiple systems
  • Help develop secure system solutions to meet DLP program requirements
  • Analyze SaaS productivity tool workflows and design CASB controls
  • Create and maintain documentation related to DLP solutions; this may include conceptual, logical, and physical diagrams; new environment design documents; write ups on technical capabilities and solution configurations; etc.
  • Following up and working with internal IT teams to ensure solutions are built, deployed, and modified as necessary according to the projects
  • Lead the DLP operations teams to deliver on day-to-day commitments.
    • Write playbooks for incident responders
    • Support audit responses and investigations
    • Track and report key performance indicators and metrics
    • Identify gaps in controls, processes, systems and recommend solutions
    • Lead team to apply technical skills to recommend, implement, support, improve, and operate information protection technologies
  • Provide project updates to leadership in various project meetings
  • Provide subject matter expertise to management, business areas, and IT Teams as well as implement appropriate data loss prevention security controls and monitoring
  • Participate in various DLP audit, control testing and other processes

You should:
  • Have good people management skills
  • Have good written and oral communication skills
  • Be comfortable leading a team, prioritize the work and manage team's day to day operations
  • Have experience in deploying and operating email security proxies, endpoint DLP agents, CASB systems, and other data loss prevention tools
  • Have experience as an analyst responding to DLP alerts
  • Have demonstrated understanding of Data Loss Prevention fundamentals
  • Have demonstrated understanding of false positive, false negative, and true positive detection rates and how they impact DLP systems
  • Possess experience manipulating data in data warehouses to create DLP metrics
  • Be comfortable developing content detection rules for enterprise DLP tools including writing regular expressions for sensitive data detection
  • Have experience working in a security operations center, on an incident response team, in an IT support role or on data classification/search projects.
  • Have experience working with some of the best in class DLP capabilities such as; CASB, Network Proxies, Sensitive Data Scanning, Content Filtering, and Data Marking/Classification tools
  • Understand DLP information protection technology from both a managerial/strategic level and have experience in hands on technical design and implementation
  • Be comfortable in driving business collaboration and adoption of DLP tools, ensuring the business is trained and BAU processes are in place to enable efficient operation

Basic Qualifications:
  • High School Diploma, GED or equivalent certification
  • At least 5 years of experience in a Cyber Security
  • At least 2 years experience developing and responding to DLP alerts
  • At least 2 years of experience with cyber policy management
  • At least 2 years experience with people management

Preferred Qualifications:
  • Bachelor's Degree
  • One or more security related professional certifications
  • 3+ years developing search queries for knowledge engineering, data classification, ediscovery or digital forensics projects
  • 3 + years experience with scripting and writing SQL queries
  • 1+ years of experience working with a Cloud Access Security Broker (CASB)

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

No agencies please. Capital One is an Equal Opportunity Employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, physical and mental disability, genetic information, marital status, sexual orientation, gender identity/assignment, citizenship, pregnancy or maternity, protected veteran status, or any other status prohibited by applicable national, federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital One's recruiting process, please send an email to

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).