Senior Manager, Technology & Cyber Risk

Company: Capital One
Location: Cambridge
Posted on: March 17, 2023

Job Description:

Center 2 (19050), United States of America, McLean, Virginia

Senior Manager, Technology & Cyber Risk

The Technology Risk team is a dynamic first line function, with a focus on ensuring they are the conscience of all areas of Technology when it comes to Technology and Cyber Risk. As we look to build on the foundations of our current Risk Management team and services, we are looking for a Senior Manager to join our new Technology and Cyber Risk Assessment team, working closely with the Technology teams and Risk partners across the wider Enterprise to establish best practices and be a Contributor, with an ability to influence positive outcomes supporting the wider Cyber and Tech Risk Strategy for Capital One.

Technology Risk Management professionals ensure our Company remains well-managed and profitable. They are highly motivated, experienced, collaborative, credentialed Risk Management professionals that are forward thinking, quick to adapt, and technologically adept. These skills allow them to gain insights, act as a change agent to influence technology partners, and deliver value-added risk management services. As a member of the Enterprise Services Tech Risk Management Team, you will focus on reviews of critical technology functions including cloud-based technology, emerging technology, and cybersecurity risks. You will have a high level of exposure across lines of business and have the opportunity to work with senior Technical and Cyber Executives to create and implement innovative solutions to appropriately identify, assess, and mitigate risks across Capital One Technology Lines of Business.

What you will do

• Be part of a team of dedicated Technical Risk Assessment professionals to provide a one stop service to all lines of business for areas for high priority technical risk assessments.
• Support the Provisioning of a service to enable Enterprise Services Risk to provide a differentiated risk assessment service and view that can more proactively identify risk, and support management in the key decisions .
  • Provide centralised technical risk assessment support to :
    • Areas of focus identified by Tech Risk Guides from across the Business
    • Cyber Initiatives managed by the Cyber Enterprise Program Office
    • Areas of focus from second and third lines of defence
    • Provide support to the remediation of Audit and Regulatory requests
      • Use you technical skills and knowledge to challenge and support Technology teams to articulate and drive actions that will reduce and remediate risk
      • Be a trusted advisor both leading and driving effective and relevant Tech and Cyber risk conversations with Technology and Cyber leadership and their teams.
      • Be comfortable in reaching pragmatic outcomes between short-term and long-term business needs
      • Informed consultant to develop and deliver appropriate messages on risk themes and challenge remediation activities and plans.
      • Approachable and effective partner to navigate regulatory and compliance requirements and to help develop fit for purpose solutions with the ability to flex where appropriate
      • Partner with Enterprise, including UK, Risk Partners to remove complexity and improve efficiency
      • Maintain an up-to-date and in-depth industry and technical expertise in areas of technology risk
      • Ensuring key messages are understood and actions are underway, providing risk input, context and challenge through appropriate and timely reporting and governance actions. What we're looking for
        • An Engineer with Technology Governance, Risk, and Compliance knowledge and expertise (including cyber).
        • Excellent verbal presentation and written communication skills to confidently interact with the cyber organization and enterprise stakeholders
        • Proven problem-solving, analytical and critical thinking skills to effectively respond to shifting priorities, demands and timelines
        • Knowledge of the UK and US regulatory landscapes
        • Practical hands-on experience in a Technology and/or Cyber environment, with a proven ability to remove or reduce complexity, ideally within a large organization.
        • Experience in performing Control Self Assessments (CSAs), or completing assessments against established industry risk frameworks, including the NIST Framework.
        • Experience performing data analysis in support of internal risk assessments and control reviews
        • Relevant organizational and communication skills to establish effective relationships with diverse business and technical areas
        • Data visualization, analysis, and reporting using Tableau Basic Qualifications:
          • Bachelor's Degree or military experience
          • At least 7 years experience in Technology/Cyber Risk, Technology/Cyber Internal or External Audit, or a combination Preferred Qualifications:
            • Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), or related certifications
            • Consulting experience with a Big 4 firm At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
              
              The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked.
              
              Location is New York City: $195,200 - $222,800 for Sr. Manager, Cyber Risk & Analysis
              
              Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter.
              
              This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.
              Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
              
              No agencies please. Capital One is an Equal Opportunity Employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, physical and mental disability, genetic information, marital status, sexual orientation, gender identity/assignment, citizenship, pregnancy or maternity, protected veteran status, or any other status prohibited by applicable national, federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.
              
              If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
              
              For technical support or questions about Capital One's recruiting process, please send an email to
              
              Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.
              
              Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
              
              

Keywords: Capital One, Cambridge , Senior Manager, Technology & Cyber Risk, Executive , Cambridge, Massachusetts