Capital One
Senior Manager, Risk Advisor, Technology and Data Risk Management
Capital One, Mc Lean, Virginia, us, 22107
Overview
Senior Manager, Risk Advisor, Technology and Data Risk Management Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, software quality, and data management. Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 professionals in TDRM oversee ~14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk, and data management risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. The Chief Tech Risk Officer (CTRO) is independent and oversees the work of the CISO, the CIO/CTO, and the Chief Data Officer. The CTRO reports to the Chief Risk Officer, who reports directly to the CEO. Our business leaders must make technology decisions constantly, and TDRM provides the tech and data risk information they need to make good decisions. Responsibilities
Lead independent risk analysis workshops and apply quantitative and qualitative risk assessment methodologies. Understand the stack of controls, identify new approaches to reducing risk, and review, analyze, aggregate and compare outputs of different assessments. Influence the 1st Line to drive definition and prioritization of high‑leverage risk reduction initiatives and provide expert guidance across TRM. Foster strong working relationships with other 1st and 2nd Line groups and navigate the Enterprise Risk Management framework. Shape and refine the risk program, operate with autonomy and empowerment from senior leadership, and think strategically to drive change. Ideal Candidate
Contributes to an inclusive and accountable team culture. Critical analytical thinker who can express a point of view supported by data for technical and non-technical audiences. Excellent communication and teaching skills; strong influencing and persuasion abilities. Raises concerns early and knows when to escalate, facilitating constructive problem-solving at all levels. Passion and expertise in technology and cybersecurity; able to register dissenting opinions respectfully and articulately. Able to manage multiple parallel initiatives while delivering superior results. Execution oriented and self-motivated; personal resilience to stay optimistic during crises or change. Required Qualifications
Bachelor’s degree or military experience. At least 6 years of experience managing, consulting, or auditing in risk management, information security or technology. At least 5 years of experience performing or challenging risk assessments using qualitative and quantitative methodologies (COSO, FAIR, PRC library, RCSA, scenario analysis, etc.). Professional security management certification (Open FAIR, CISSP, CISM, CISA, or CRISC). Preferred Qualifications
Master’s degree in Information Technology, Cybersecurity, or equivalent. 5+ years of experience communicating and presenting data to technical and non-technical audiences. 5+ years of experience applying risk quantification methodologies and rolling out risk framework changes. 4+ years of experience interacting with stakeholders and leaders across multiple organizations. 4+ years of experience in a second-line or oversight role at a financial institution or regulatory agency. Note: Capital One will not sponsor new employment authorization for this position. Compensation and Benefits
The minimum and maximum full-time annual salaries are listed by location in this posting. Pay ranges reflect the amount Capital One is willing to pay at the time of hire for specific locations. Salaries for part-time roles will be prorated. Locations include Chicago, IL; McLean, VA; New York, NY; Plano, TX; and Richmond, VA. Candidates hired in other locations will be paid according to the applicable location range. This role is eligible for performance-based incentive compensation and may include cash bonuses and/or long-term incentives. Capital One offers a comprehensive and inclusive set of benefits. Eligibility varies by status and management level. For accommodation requests during the application process, contact Capital One Recruiting. Additional Information
Capital One is an equal opportunity employer (EOE, including disability/vet) and promotes a drug-free workplace. Capital One may consider qualified applicants with criminal histories in a manner consistent with applicable laws. For questions about recruiting or accommodations, contact RecruitingAccommodation@capitalone.com. For technical support or questions about the recruiting process, please email Careers@capitalone.com. Capital One does not guarantee third-party products or services available through this site. Some postings may be for Capital One entities in different regions.
#J-18808-Ljbffr
Senior Manager, Risk Advisor, Technology and Data Risk Management Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, software quality, and data management. Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 professionals in TDRM oversee ~14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk, and data management risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. The Chief Tech Risk Officer (CTRO) is independent and oversees the work of the CISO, the CIO/CTO, and the Chief Data Officer. The CTRO reports to the Chief Risk Officer, who reports directly to the CEO. Our business leaders must make technology decisions constantly, and TDRM provides the tech and data risk information they need to make good decisions. Responsibilities
Lead independent risk analysis workshops and apply quantitative and qualitative risk assessment methodologies. Understand the stack of controls, identify new approaches to reducing risk, and review, analyze, aggregate and compare outputs of different assessments. Influence the 1st Line to drive definition and prioritization of high‑leverage risk reduction initiatives and provide expert guidance across TRM. Foster strong working relationships with other 1st and 2nd Line groups and navigate the Enterprise Risk Management framework. Shape and refine the risk program, operate with autonomy and empowerment from senior leadership, and think strategically to drive change. Ideal Candidate
Contributes to an inclusive and accountable team culture. Critical analytical thinker who can express a point of view supported by data for technical and non-technical audiences. Excellent communication and teaching skills; strong influencing and persuasion abilities. Raises concerns early and knows when to escalate, facilitating constructive problem-solving at all levels. Passion and expertise in technology and cybersecurity; able to register dissenting opinions respectfully and articulately. Able to manage multiple parallel initiatives while delivering superior results. Execution oriented and self-motivated; personal resilience to stay optimistic during crises or change. Required Qualifications
Bachelor’s degree or military experience. At least 6 years of experience managing, consulting, or auditing in risk management, information security or technology. At least 5 years of experience performing or challenging risk assessments using qualitative and quantitative methodologies (COSO, FAIR, PRC library, RCSA, scenario analysis, etc.). Professional security management certification (Open FAIR, CISSP, CISM, CISA, or CRISC). Preferred Qualifications
Master’s degree in Information Technology, Cybersecurity, or equivalent. 5+ years of experience communicating and presenting data to technical and non-technical audiences. 5+ years of experience applying risk quantification methodologies and rolling out risk framework changes. 4+ years of experience interacting with stakeholders and leaders across multiple organizations. 4+ years of experience in a second-line or oversight role at a financial institution or regulatory agency. Note: Capital One will not sponsor new employment authorization for this position. Compensation and Benefits
The minimum and maximum full-time annual salaries are listed by location in this posting. Pay ranges reflect the amount Capital One is willing to pay at the time of hire for specific locations. Salaries for part-time roles will be prorated. Locations include Chicago, IL; McLean, VA; New York, NY; Plano, TX; and Richmond, VA. Candidates hired in other locations will be paid according to the applicable location range. This role is eligible for performance-based incentive compensation and may include cash bonuses and/or long-term incentives. Capital One offers a comprehensive and inclusive set of benefits. Eligibility varies by status and management level. For accommodation requests during the application process, contact Capital One Recruiting. Additional Information
Capital One is an equal opportunity employer (EOE, including disability/vet) and promotes a drug-free workplace. Capital One may consider qualified applicants with criminal histories in a manner consistent with applicable laws. For questions about recruiting or accommodations, contact RecruitingAccommodation@capitalone.com. For technical support or questions about the recruiting process, please email Careers@capitalone.com. Capital One does not guarantee third-party products or services available through this site. Some postings may be for Capital One entities in different regions.
#J-18808-Ljbffr