Capital One
Director of Data Protection - Technology Risk Management
Capital One, Mc Lean, Virginia, us, 22107
* Play a lead role in identifying areas of cyber risk to provide oversight, analysis, effective challenge, and risk-informed recommendations.* Provide and manage the production of technical assessments of the effectiveness and design of cybersecurity controls* Conduct assessments and draft assessment for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed.* Manage a team of cybersecurity professionals. Set vision and direction, manage performance and career development of associates.* Stay current on emerging cyber threats and risk management approaches.* Collaborate effectively with stakeholders and leaders across multiple organizations to achieve objectives.* Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups.* Promote and influence change in technology and program from the first line of defense that drives management of technology and cyber risk within the company’s appetite.* A Bachelor’s degree or military experience* At least 7 years of cybersecurity operations experience with enterprise-grade data protection tools or processes* At least 5 years of experience in data protection or technology processes, Data Loss Prevention (DLP), data identification, classification, minimization, tokenization, encryption, secure transfer, retention, destruction or a combination.* At least 5 years of experience of people management* At least 2 years of data or certificate management experience* At least 2 years of experience with public cloud infrastructure or security principles* At least 1 professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC), Security+ - CompTIA* Excellent written and verbal communication skills. This role requires the ability to articulate complex technical concepts in clear, concise, actionable manner through both written products and verbal communications* At least 2 years of experience managing, consulting, auditing, or working in the fields of information security, technology, or risk management* Familiarity with the field of
threat intelligence concepts. Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers* Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate* Familiarity with financial sector regulatory practices and second line of defense effective challenge* Experience with performing risk assessments and risk reporting* Passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions* Ability to manage multiple projects while maintaining superior results* Ability to work cross-functionally, individually, and to lead work among a team* Execution oriented and a self-motivator* Familiarity NIST Cybersecurity Framework controls, NIST 800-53, ISO 27000-1Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. #J-18808-Ljbffr
threat intelligence concepts. Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers* Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate* Familiarity with financial sector regulatory practices and second line of defense effective challenge* Experience with performing risk assessments and risk reporting* Passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions* Ability to manage multiple projects while maintaining superior results* Ability to work cross-functionally, individually, and to lead work among a team* Execution oriented and a self-motivator* Familiarity NIST Cybersecurity Framework controls, NIST 800-53, ISO 27000-1Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. #J-18808-Ljbffr