13 days old

Cybersecurity Risk Manager - Operational & Compliance Risk

Capital One
McLean 1 (19050), United States of America, McLean, Virginia

At Capital One, were building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.                                               

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Cybersecurity Risk Manager - Operational & Compliance Risk

Cyber Risk Management (Cyber RM), a component of Operational & Compliance Risk (OCR) within Capital One, is a newly formed organization focused on providing expert advice, credible challenge, and effective oversight of information security and technology risk activities to identify, assess, control, and manage cyber risk throughout the company. Cyber RM plays a critical role in helping to ensure the companys risk taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions at an enterprise level, and opportunities to reduce, mitigate, or avoid the risks altogether. Associates within Cyber RM are highly skilled information security, cyber, technology, and risk management professionals who have a wealth of experience and a demonstrated ability to provide value-added recommendations and deliver high-impact results to their areas of expertise.

This position Manager, Cybersecurity Risk will engage with product teams, developers and others across lines of business to analyze a diverse array of new technology-related products and initiatives (e.g., mobile and web applications, internal and external APIs, major cybersecurity tools and programs), as well as corporate development activities, to identify information security or technology risks and recommend mitigation actions to reduce those risks. As part of the second line of defense, this position will also collaborate closely with associates in Cyber, Technology, the Lines of Business, and other risk management offices to perform and support evaluations of the firms cyber capability maturity and offer independent advice and recommendations regarding ways to further mature the firms cyber and risk management capabilities. We are looking for a technology or cybersecurity specialist who can provide advice, risk review, and effective challenge to business partners. The demands and high-visibility nature of this position requires an expert with proven ability to work independently in a fast-paced environment and who can begin contributing immediately.

Essential Functions (Responsibilities):
- Manage the Cyber RM organizations participation in assessing cyber risks associated with new products and initiatives
- Manage the Cyber RM organizations participation in assessing cyber risks associated with corporate development activities
- Coordinate with product teams, developers, and other subject matter experts to understand the intent and enabling technology associated with new initiatives
- Develop reports and products for senior managers detailing risks and mitigation recommendations
- Review existing assessment processes and develop and implement process changes as warranted
- Support other cyber risk oversight and assessment functions as required

Basic Qualifications:
- A bachelors degree or military experience
- At least 5 years of experience in information security, cyber, technology, risk management, compliance, or audit
- At least 3 years of experience in performing information security or technology risk assessments
- At least 1 year of experience drafting reports or analytic assessments for senior management

Preferred Qualifications:
- Ability to manage multiple high-visibility and high-impact projects while maintaining superior results

- Strong written and verbal communication skills
- Execution oriented and a self-motivator
- Prior experience working in financial services or other highly-regulated sector

- Demonstrated ability to communicate clearly and to interact effectively at all levels of the organization, and to influence senior management and executives
- Deep expertise with producing and analyzing risk metrics and communicating the implications of the data to executives and other stakeholders throughout the enterprise
- Passion and expertise in cybersecurity and technology
- An ability to be confident, respectful, and articulate when registering dissenting opinions with colleagues and senior management
- Professional security management certifications, such as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.


Posted: 2019-08-07 Expires: 2019-09-06

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cybersecurity Risk Manager - Operational & Compliance Risk

Capital One

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast