Purple Team Manager

Responsibilities

• Lead "Defense Improvement Analysis" (DIA) by deconstructing adversary simulation activities to identify control gaps and document the full lifecycle from discovery to resolution
• Perform advanced analysis of log events using big data tools to engineer specific solutions for threat detection and response
• Serve as a technical bridge between offensive and defensive stakeholders, translating complex adversary TTPs into actionable defense strategies
• Research emerging threat behaviors and automate post-exploitation analysis tasks to scale team capabilities
• Build and maintain the technical infrastructure and lab environments required to support Purple Team activities

Requirements

• High School Diploma, GED, or equivalent certification
• At least 4 years of information security experience
• At least 3 years of experience in Threat Hunting or Detection Engineering within a cloud or hybrid environment
• At least 2 years of experience analyzing EDR telemetry and bypass techniques

Preferred Qualifications

• 2+ years of experience performing offensive security operations
• 2+ years of experience with Databricks, Spark, or similar for security analytics
• 4+ years of experience in log analysis, threat detection engineering, threat hunt, incident response, or forensics
• 4+ years of experience with scripting and compiled languages
• Relevant certifications such as OSCP, OSCE, GPEN, GXPN, CRTO, GCFA, GCIH, OSTH, or GDAT

Benefits

• Comprehensive, competitive, and inclusive health and financial benefits
• Performance-based incentive compensation, including cash bonuses and/or long-term incentives
• Support for total well-being through various health and financial wellness programs

About the Company

Capital One is an impactful and disruptive player in the financial industry. Our Offensive Security Purple Team reduces cyber risk by uncovering vulnerabilities and weaknesses through adversary simulation and emulation to continuously protect our brand, systems, and data.