Director, Technology & Cyber Risk Officer
Company: Capital One
Location: Richmond
Posted on: September 27, 2024
Job Description:
NYC 299 Park Avenue (22957), United States of America, New York,
New YorkDirector, Technology & Cyber Risk OfficerCapital One is one
of the fastest growing organizations in the world today, powered by
our passion for our customers. We are serious about technology, we
dream big, and we execute: Capital One moved our entire enterprise
to the public cloud over the course of five years. Just as we
prioritize driving innovation through technology, we equally
prioritize cybersecurity, reliability, and managing technology
risk. -For years, the cybersecurity community has debated whether
the CISO should report to the CIO or not. In regulated financial
services, the answer is: both. The first-line CISO has operational
responsibilities and reports to the CIO. The second-line Chief Tech
Risk Officer (CTRO) and the Technology Risk Management (TRM)
organization have broader responsibilities for cybersecurity but
also reliability, software quality, resilience, and other
technology risks. The CTRO is independent, reports to the Chief
Risk Officer, and oversees the work of the CISO and the
CIO.Technology Risk Management (TRM) is a small organization that
packs a big punch. The -100 professionals in TRM are trusted
experts who oversee -14,000 developers at Capital One. We raise the
bar for excellence in cybersecurity, reliability, and tech risk. We
shape strategy and decisions, challenge activities to ensure they
meet our standards, and perform independent tests of our security
and technology risk.Our business leaders must make technology
decisions constantly. TRM makes sure they have the tech risk
information they need to make good decisions. Associates within TRM
are highly-skilled information security, cybersecurity, site
reliability engineering, technology, and risk management
professionals. They have a wealth of experience and a demonstrated
ability to add value with their advice and to deliver high-impact
results.This position - Director, Technology & Cyber Risk - will
play a high-impact role in enhancing the organization's
cybersecurity and technology risk posture. - The successful
candidate will be an Individual Contributor covering - three
divisions: Commercial, Retail and our growing portfolio - across
Premium Products and Experiences inclusive of Capital One Shopping.
-Key responsibilities include - - identifying potential
cybersecurity and technology risks associated with critical
business processes, assessing potential impacts to those processes
and elevating the level of engagement with business and tech
leaders. - They will provide guidance to key stakeholders including
by.and engaging with other leaders to counseling them on the risk
treatment options based on Line of Business and enterprise risk
appetite. -The successful candidate will excel in building
relationships across levels based upon trust, respect and knowledge
sharing to solve complex problems with innovative solutions. -
Strong knowledge of technology/cyber risk, industry, and regulatory
trends are essential, paired with strategic thinking, an
intellectually curious nature and an ability to thrive in undefined
problem spaces. This role will also be expected to lead on our
"GLU" (Growing Together, Learning and Upskilling) Program to
support the team moving into a new phase of maturity for our Risk
Advisors. The development of the GLU program is integral to RiskIDs
success throughout 2024 and beyond with the primary focus on
people, not process. - -As part of the second line of defense, it
is critical to foster strong working relationships with other
leaders in the Lines of Business, Cyber and Technology
organizations, and other risk management offices to perform and
support evaluations of the firm's risk posture and offer
independent advice and recommendations regarding ways to reduce
risks. - -Responsibilities:
- Influence executives across the Lines of Business to take
accountability for complex (and sometimes sensitive) technology and
cyber risks
- Develop and implement Divisional Risk profiles -
- Leverage leadership experience and executive influencing skills
to raise the level of challenge activities to a strategic
focus
- Constructively debate issues and connect the dots across
various assessments (typically includes risk and control
self-assessments, critical business process-level assessments,
assessments of new initiatives, scenario analysis, challenge of
risk acceptances, etc.)
- Identify opportunities to influence risk-taking strategies and
ensure that aggregate risk is understood
- Demonstrate robust risk management oversight in supporting
various internal audits and regulatory exams
- Mentor and develop associates to meet their professional
development goalsA successful candidate will have:
- Superb communication skills that include active listening and
executive presentation skills
- Proven critical analytical, including and the ability to
express a point of view supported by data (with both technical and
non-technical audiences)
- Comfort raising concerns early and knows when to escalate,
including the ability to raise issues and facilitate constructive
problem-solving at all levels of the organization
- Expertise in technology and cybersecurity domains, with an
ability to be confident, respectful, and articulate when
registering dissenting or unpopular opinions
- Ability to collaborate effectively with colleagues,
stakeholders, and leaders across multiple organizations to get
consensus, socialize strategy, and achieve objectives
- Track record of providing strategic direction to teams, peers,
and stakeholders to drive results, solve problems, and influence
outcomesBasic Qualifications:
- Bachelor's degree or military experience
- At least 5 years of experience working in information security,
information technology or risk management -
- At least 5 years of experience developing, evaluating, or
implementing cybersecurity, technology or risk assessment
activities
- At least 1 professional security management or risk management
certification: Certified Information Systems Security Professional
(CISSP), Certified Information Security Manager (CISM), Certified
Informations Systems Auditor (CISA), Certified Risk & Information
Systems Control (CRISC), Certified Information Privacy Professional
(CIPP) or Open FAIR Certified Preferred Qualifications:
- Master's degree
- Knowledge of supervisory expectations expressed in the FFIEC IT
Handbook, Federal Reserve Supervisory Letters, Office of the
Comptroller of the Currency Bulletins, and/or Federal Deposit
Insurance Corporation Financial Institution LettersAt this time,
Capital One will not sponsor a new applicant for employment
authorization for this position.The minimum and maximum full-time
annual salaries for this role are listed below, by location. Please
note that this salary information is solely for candidates hired to
perform work within one of these locations, and refers to the
amount Capital One is willing to pay at the time of this posting.
Salaries for part-time roles will be prorated based upon the agreed
upon number of hours to be regularly worked.New York City (Hybrid
On-Site): $233,100 - $266,000 for Director, Cyber Risk &
AnalysisCandidates hired to work in other locations will be subject
to the pay range associated with that location, and the actual
annualized salary amount offered to any candidate at the time of
hire will be reflected solely in the candidate's offer letter.This
role is also eligible to earn performance based incentive
compensation, which may include cash bonus(es) and/or long term
incentives (LTI). Incentives could be discretionary or non
discretionary depending on the plan.Capital One offers a
comprehensive, competitive, and inclusive set of health, financial
and other benefits that support your total well-being. Learn more
at the -Capital One Careers website. Eligibility varies based on
full or part-time status, exempt or non-exempt status, and
management level.This role is expected to accept applications for a
minimum of 5 business days.No agencies please. Capital One is an
equal opportunity employer committed to diversity and inclusion in
the workplace. All qualified applicants will receive consideration
for employment without regard to sex (including pregnancy,
childbirth or related medical conditions), race, color, age,
national origin, religion, disability, genetic information, marital
status, sexual orientation, gender identity, gender reassignment,
citizenship, immigration status, protected veteran status, or any
other basis prohibited under applicable federal, state or local
law. Capital One promotes a drug-free workplace. Capital One will
consider for employment qualified applicants with a criminal
history in a manner consistent with the requirements of applicable
laws regarding criminal background inquiries, including, to the
extent applicable, Article 23-A of the New York Correction Law; San
Francisco, California Police Code Article 49, Sections 4901-4920;
New York City's Fair Chance Act; Philadelphia's Fair Criminal
Records Screening Act; and other applicable federal, state, and
local laws and regulations regarding criminal background
inquiries.If you have visited our website in search of information
on employment opportunities or to apply for a position, and you
require an accommodation, please contact Capital One Recruiting at
1-800-304-9102 or via email at
RecruitingAccommodation@capitalone.com. All information you provide
will be kept confidential and will be used only to the extent
required to provide needed reasonable accommodations.For technical
support or questions about Capital One's recruiting process, please
send an email to Careers@capitalone.comCapital One does not
provide, endorse nor guarantee and is not liable for third-party
products, services, educational tools or other information
available through this site.Capital One Financial is made up of
several different entities. Please note that any position posted in
Canada is for Capital One Canada, any position posted in the United
Kingdom is for Capital One Europe and any position posted in the
Philippines is for Capital One Philippines Service Corp.
(COPSSC).
Keywords: Capital One, Richmond , Director, Technology & Cyber Risk Officer, Executive , Richmond, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...