Senior Manager, Cyber Risk and Analysis - Capital One
Company: Capital One
Location: Dedham
Posted on: April 24, 2024
|
|
Job Description:
West Creek 1 (12071), United States of America, Richmond,
VirginiaSenior Manager, Cyber Risk and AnalysisAt Capital One, you
will help consult on initiatives, programs, and projects to raise
their game in Information Security. You are pragmatic and practical
in your understanding of risk and security, but also willing to
know when to pull in experts and escalate. You collaborate and
innovate with other teams within Capital One to push the envelope.
The associate in this role will provide leadership, risk
management, and controls expertise to the Card Technology top of
house organization from a Cyber and Technology lens. In part, this
position will lead first line quality assurance control execution,
evaluation of control design and operating effectiveness, and help
propel the Card organization toward preventive and automated
controls management. Additionally, you will collaborate closely
with associates in our cyber and broader technology organization,
as well as enterprise risk management to evaluate Card's compliance
in the effectiveness of the company's technology controls
infrastructure, and offer independent advice and recommendations
regarding ways to further mature the division's technology risk
management capabilities. You will challenge and innovate within the
Divisional teams and with our Enterprise Cyber & Risk partners to
drive process improvements, automation, and to elevate controls
program efficiency. Security is essential to what we do here, from
protecting our customers to our associates. Responsibilities:
Design a risk management framework enabling line of sight and
governance to both processes and platforms Serve as a liaison,
interfacing with business partners, Tech, and other assurance
functions, such as risk management and cyber to drive meaningful
reductions in risk Synthesize data and reporting; perform analysis
and bring valuable insights through evaluation of data provided by
team analysts Proactively identify information security risk and
partner with key stakeholders to reduce or eliminate risk
Impeccable written and oral communication credentials, coupled with
strategic influencing skills Assess and rationalize control
appropriateness, and glean insights from issues and events across
tech Provide technical assessments of technology control design and
effectiveness by advising on/performing independent testing when
necessary Participate in management of the overall technology
control inventory which defines the scope of the controls review
program Collaborate internally and with our risk community (e.g.
risk managers, risk leads, IRM groups, business risk offices, front
line process owners) to mature our risk event practice
methodologies and advance learning About You: You have a desire to
work in a very fast moving, forward leaning, and modern computing
environment You are a thoughtful leader with focus on people
development You have a strong desire to continually learn about new
technologies You possess strong conceptual thinking and
communication skills You are able to work well under minimal
supervision You are a demonstrated team-oriented professional with
interpersonal skills and the ability to interface effectively with
a broad range of people and roles, including upper management, IT
leaders, and external third parties You maintain calmness and
clarity of thought under pressure and ability to maintain
confidentiality You demonstrate strong ability to analyze
information and data You demonstrate strong subject matter
expertise and sound judgment when analyzing third party risk You
operate in a collaborative manner to effectively assess risk while
maintaining business relationships You develop and communicate
quality recommendations to key stakeholders You communicate
technical issues to non-technical people You demonstrate
collaborative partnership skills for working with various points of
contacts You demonstrate capacity to think broadly but go deep into
subject matter when needed You have a deep understanding of
strategic business objectives and the ability to drive results
toward those objectives Basic Qualifications: High School Diploma,
GED, or equivalent certification At least 8 years of experience
with technology or cyber security risk management frameworks At
least 5 years of experience developing, evaluating, or implementing
cybersecurity, technology, or risk assessment activities Preferred
Qualifications: Bachelors Degree 5+ years of experience in PCI DSS,
NIST, ISO, Physical Security, or IT Operations Management 3+ years
of experience at a Financial Institution 3+ years of IT audit
experience with a big four consulting firm CISSP, CISA, CISM or
CRISC certification 3+ years of experience performing Control Self
Assessments (CSAs), or completing assessments against established
industry risk frameworks, including: the NIST Cybersecurity
Framework, ISO, COBIT v5, or COSO Experience in a regulated
environment At this time, Capital One will not sponsor a new
applicant for employment authorization for this position. Capital
One offers a comprehensive, competitive, and inclusive set of
health, financial and other benefits that support your total
well-being. Learn more at the Capital One Careers website.
Eligibility varies based on full or part-time status, exempt or
non-exempt status, and management level. This role is expected to
accept applications for a minimum of 5 business days.No agencies
please. Capital One is an equal opportunity employer committed to
diversity and inclusion in the workplace. All qualified applicants
will receive consideration for employment without regard to sex
(including pregnancy, childbirth or related medical conditions),
race, color, age, national origin, religion, disability, genetic
information, marital status, sexual orientation, gender identity,
gender reassignment, citizenship, immigration status, protected
veteran status, or any other basis prohibited under applicable
federal, state or local law. Capital One promotes a drug-free
workplace. Capital One will consider for employment qualified
applicants with a criminal history in a manner consistent with the
requirements of applicable laws regarding criminal background
inquiries, including, to the extent applicable, Article 23-A of the
New York Correction Law; San Francisco, California Police Code
Article 49, Sections 4901-4920; New York City's Fair Chance Act;
Philadelphia's Fair Criminal Records Screening Act; and other
applicable federal, state, and local laws and regulations regarding
criminal background inquiries.If you have visited our website in
search of information on employment opportunities or to apply for a
position, and you require an accommodation, please contact Capital
One Recruiting at 1-800-304-9102 or via email at
RecruitingAccommodation@capitalone.com. All information you provide
will be kept confidential and will be used only to the extent
required to provide needed reasonable accommodations. For technical
support or questions about Capital One's recruiting process, please
send an email to Careers@capitalone.com Capital One does not
provide, endorse nor guarantee and is not liable for third-party
products, services, educational tools or other information
available through this site. Capital One Financial is made up of
several different entities. Please note that any position posted in
Canada is for Capital One Canada, any position posted in the United
Kingdom is for Capital One Europe and any position posted in the
Philippines is for Capital One Philippines Service Corp.
(COPSSC).
Keywords: Capital One, Malden , Senior Manager, Cyber Risk and Analysis - Capital One, Executive , Dedham, Massachusetts
Click
here to apply!
|