Manager, Cyber Risk and Analysis
Company: Capital One
Location: Annandale
Posted on: April 24, 2024
|
|
Job Description:
Center 3 (19075), United States of America, McLean,
VirginiaManager, Cyber Risk and AnalysisCapital One is one of the
fastest growing organizations in the world today. The growth of the
business is being accelerated by leveraging innovative and emerging
technologies. We are serious about technology, we dream big, and we
execute: Capital One moved our entire enterprise to the public
cloud over the course of five years, fully exiting our data
centers. Just as we prioritize driving innovation through
technology, we equally prioritize cybersecurity and managing
technology risk. Cybersecurity Risk professionals at Capital One
are trusted expert advisers who shape decisions, challenge
activities to ensure they meet our standards, and generally oversee
technology, cybersecurity, and information security risk across the
business and the central technology organization. Cybersecurity
risk and analysis plays a critical role in ensuring that the
company's risk-taking entities are aware of the risks inherent in
their activities and decisions, the impact of their actions on the
company at an enterprise level, and opportunities to reduce,
mitigate, or avoid the risks altogether. Associates are
highly-skilled and have a wealth of experience and a demonstrated
ability to provide value added recommendations and deliver
high-impact results in the cybersecurity domain areas. As an
associate in Capital One's Cyber Information Security Office, you
will work with top talent in an entrepreneurial environment to
solve problems and drive solutions to help the company reduce cyber
risk. You will work with smart and passionate people to deliver
results that have a direct impact on the company's cyber risk
portfolio. You will be challenged to excel alongside the brightest
talent in the industry and be rewarded for your achievements. The
demands and high-visibility nature of this position require an
expert with a proven ability to work independently in a fast-paced
environment and who can begin contributing immediately. Job
Responsibilities: Analyze and interpret industry standards,
regulations, and best practices to develop risk management tooling
to identify cyber risk trends, gap analysis, or maturity
opportunities Normalize and translate cyber risks at the
organizational level to support a fully integrated, prioritized,
enterprise-wide view of organizational risks to drive strategic and
business decisions Using risk profiles and dynamic reporting
mechanisms, cybersecurity risk information is incorporated into the
organization's enterprise risk management program and utilized to
provide a fully integrated, prioritized, enterprise-wide view of
organizational risks to drive strategic and business decisions Help
to enhance cyber risk management processes across Capital One by
providing thought leadership, oversight, and coordination with
other risk management activities across the company Aggregate and
evaluate risks, develop and maintain a risk register, perform risk
analysis and quantification to enumerate top risks and provide risk
reporting Analyze information to proactively identify risks,
trends, and process improvements; supporting reporting on risk
topics to management Assist and drive project and program delivery,
including project and process management, reporting, engagement in
senior leadership meetings, drafting and reviewing materials for
senior management and the Board of directors, and other governance
activities Build successful relationships with Tech, Cyber, and
Enterprise Risk to understand the impact of cyber risk on business
processes Participate in risk and other management forums and
contribute to continuous improvement of risk and project or program
management practices Candidates for this role will have: Deep
understanding of risk management principles, expertise in assessing
cybersecurity controls, and a strong technical background
Experience in risk evaluation or assessment methodologies, risk
analysis, and risk reporting Self prioritize and effectively plan
your own work activities managing multiple priorities and tasks
across the team to deliver quality results. Proactively take on
additional work to support the team when possible Establish and
maintain good working relationships during engagement. Effectively
communicate information and project process to team and other
stakeholders involved Advanced skill presenting findings,
conclusions, alternatives, and information clearly and concisely
Basic Qualifications: High School Diploma, GED, or equivalent
certification At least 6 years of project management experience
leading cross functional projects in Risk At least 6 years of
experience with Risk Management Frameworks (RMF) At least 6 years
of experience in cybersecurity, risk, or technology industry
standards (ISO 27001, NIST CSF and 800 series, MITRE ATTACK, MITRE
DEFEND, FFIEC, COBIT, PCI-DSS, or FAIR) At least 6 years of
experience developing, evaluating, or implementing cybersecurity,
information technology, or risk assessment activities Preferred
Qualifications: Bachelor's Degree Experience with cloud risk,
governance, control, and security CISA, CISM, CRISC, or CISSP
Certification At this time, Capital One will not sponsor a new
applicant for employment authorization for this position. Capital
One offers a comprehensive, competitive, and inclusive set of
health, financial and other benefits that support your total
well-being. Learn more at the Capital One Careers website.
Eligibility varies based on full or part-time status, exempt or
non-exempt status, and management level. This role is expected to
accept applications for a minimum of 5 business days.No agencies
please. Capital One is an equal opportunity employer committed to
diversity and inclusion in the workplace. All qualified applicants
will receive consideration for employment without regard to sex
(including pregnancy, childbirth or related medical conditions),
race, color, age, national origin, religion, disability, genetic
information, marital status, sexual orientation, gender identity,
gender reassignment, citizenship, immigration status, protected
veteran status, or any other basis prohibited under applicable
federal, state or local law. Capital One promotes a drug-free
workplace. Capital One will consider for employment qualified
applicants with a criminal history in a manner consistent with the
requirements of applicable laws regarding criminal background
inquiries, including, to the extent applicable, Article 23-A of the
New York Correction Law; San Francisco, California Police Code
Article 49, Sections 4901-4920; New York City's Fair Chance Act;
Philadelphia's Fair Criminal Records Screening Act; and other
applicable federal, state, and local laws and regulations regarding
criminal background inquiries.If you have visited our website in
search of information on employment opportunities or to apply for a
position, and you require an accommodation, please contact Capital
One Recruiting at 1-800-304-9102 or via email at
RecruitingAccommodation@capitalone.com. All information you provide
will be kept confidential and will be used only to the extent
required to provide needed reasonable accommodations. For technical
support or questions about Capital One's recruiting process, please
send an email to Careers@capitalone.com Capital One does not
provide, endorse nor guarantee and is not liable for third-party
products, services, educational tools or other information
available through this site. Capital One Financial is made up of
several different entities. Please note that any position posted in
Canada is for Capital One Canada, any position posted in the United
Kingdom is for Capital One Europe and any position posted in the
Philippines is for Capital One Philippines Service Corp.
(COPSSC).
Keywords: Capital One, Burke , Manager, Cyber Risk and Analysis, Executive , Annandale, Virginia
Click
here to apply!
|