Capital One National Association
Director, Cyber and Tech Risk Execution
Capital One National Association, Plano, Texas, us, 75086
Overview
Director, Cyber and Tech Risk Execution. Capital One is a growth‑oriented technology and risk organization. We emphasize cybersecurity, reliability, software quality, and data management as we scale technology and risk programs across the enterprise. Technology & Data Risk Management (TDRM) is a team of approximately 200 professionals overseeing around 14,000 developers. We shape strategy, test risk, and ensure risk and data management standards are met across the organization. The Chief Tech Risk Officer (CTRO) leads risk oversight, reporting to the Chief Risk Officer. The role collaborates with the CISO, CIO/CTO, and Chief Data Officer to support first‑line technology decisions with strong risk guidance. Our business leaders continuously make technology decisions. TDRM provides risk information to enable informed decisions. We have a diverse team of information security, cybersecurity, site reliability engineering, technology, data analytics, data science, and risk management professionals who deliver high‑impact results. Role Summary: As a Director of Cyber and Tech Risk Execution, you will support the first line with the practical application of the Risk Levelling Program, ensuring risks are defined and measured consistently to drive action. You will influence across the organization, execute the program, mentor senior risk managers, and meet enterprise‑wide deadlines. You will also execute risk framework activities across divisions, advising on risk assessment and treatment options, and stay current on technology risk trends and regulatory developments. Responsibilities also include guiding and mentoring associates in the RAPID team and demonstrating model behavior in risk expertise and stakeholder influence while delivering against deadlines. Qualifications focus on strong risk knowledge, strategic thinking, and the ability to thrive in undefined problem spaces. Responsibilities
Influence executives across the Lines of Business to take accountability for complex technology and cyber risks. Execute the Risk Leveling program across centralized and decentralized divisions. Leverage leadership experience and executive influencing skills to improve risk maturity. Engage in constructive debate and connect assessments across risk and control activities, business processes, new initiatives, scenario analysis, and risk acceptances. Identify opportunities to influence risk-taking strategies. Provide robust risk management oversight in support of internal audits and regulatory exams. Mentor and develop associates to meet professional development goals. Maintain a broad, expert understanding of technology risk frameworks and apply it to risk identification and mitigation. Communicate subject‑matter expertise in risk categorization and safeguarding the enterprise in evolving environments. Demonstrate strong critical thinking and the ability to navigate the unknown. Utilize reporting and tools to analyze data points, inform policies, and drive tech and cyber risk change. Manage lifecycle program activities including action plans, impediments, risks, and stakeholder training/engagement. Qualifications
Basic Qualifications: Bachelor’s Degree with at least 7 years of information security, information technology, or risk management experience; or High School Diploma/GED with at least 9 years in these areas. At least 5 years of experience developing, evaluating, or implementing cybersecurity, technology, or risk assessment activities. Professional security or risk management certification (e.g., CISSP, CISM, CISA, CRISC, CIPP, or Open FAIR) is preferred. Preferred Qualifications
Master’s Degree (preferred). Knowledge of supervisory expectations in FFIEC IT Handbook, Federal Reserve Supervisory Letters, OCC Bulletins, or FDIC Financial Institution Letters. At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The salary ranges listed are location‑specific and subject to offer letter terms. Locations include McLean, VA; New York, NY; Plano, TX; and Richmond, VA. Other locations follow the salary range for that location. This role is eligible for performance‑based incentives, which may include cash bonuses and long‑term incentives. Capital One offers comprehensive benefits and a focus on well‑being. All applicants will be considered for employment without regard to any protected characteristic. Capital One is an equal opportunity employer (EOE) committed to non‑discrimination and a drug‑free workplace. We may consider qualified applicants with criminal histories in accordance with applicable laws. If you require accommodations during the application process, please contact Capital One Recruiting at 1‑800‑304‑9102 or via email for accommodations. The information provided will be used solely to provide needed accommodations. For technical support or questions about Capital One’s recruiting process, please contact Careers@capitalone.com. Capital One does not provide, endorse, guarantee, or assume liability for third‑party products or services listed on this site. Capital One Financial is made up of several entities, and postings may refer to Capital One Canada, Capital One Europe, or Capital One Philippines Service Corp depending on location.
#J-18808-Ljbffr
Director, Cyber and Tech Risk Execution. Capital One is a growth‑oriented technology and risk organization. We emphasize cybersecurity, reliability, software quality, and data management as we scale technology and risk programs across the enterprise. Technology & Data Risk Management (TDRM) is a team of approximately 200 professionals overseeing around 14,000 developers. We shape strategy, test risk, and ensure risk and data management standards are met across the organization. The Chief Tech Risk Officer (CTRO) leads risk oversight, reporting to the Chief Risk Officer. The role collaborates with the CISO, CIO/CTO, and Chief Data Officer to support first‑line technology decisions with strong risk guidance. Our business leaders continuously make technology decisions. TDRM provides risk information to enable informed decisions. We have a diverse team of information security, cybersecurity, site reliability engineering, technology, data analytics, data science, and risk management professionals who deliver high‑impact results. Role Summary: As a Director of Cyber and Tech Risk Execution, you will support the first line with the practical application of the Risk Levelling Program, ensuring risks are defined and measured consistently to drive action. You will influence across the organization, execute the program, mentor senior risk managers, and meet enterprise‑wide deadlines. You will also execute risk framework activities across divisions, advising on risk assessment and treatment options, and stay current on technology risk trends and regulatory developments. Responsibilities also include guiding and mentoring associates in the RAPID team and demonstrating model behavior in risk expertise and stakeholder influence while delivering against deadlines. Qualifications focus on strong risk knowledge, strategic thinking, and the ability to thrive in undefined problem spaces. Responsibilities
Influence executives across the Lines of Business to take accountability for complex technology and cyber risks. Execute the Risk Leveling program across centralized and decentralized divisions. Leverage leadership experience and executive influencing skills to improve risk maturity. Engage in constructive debate and connect assessments across risk and control activities, business processes, new initiatives, scenario analysis, and risk acceptances. Identify opportunities to influence risk-taking strategies. Provide robust risk management oversight in support of internal audits and regulatory exams. Mentor and develop associates to meet professional development goals. Maintain a broad, expert understanding of technology risk frameworks and apply it to risk identification and mitigation. Communicate subject‑matter expertise in risk categorization and safeguarding the enterprise in evolving environments. Demonstrate strong critical thinking and the ability to navigate the unknown. Utilize reporting and tools to analyze data points, inform policies, and drive tech and cyber risk change. Manage lifecycle program activities including action plans, impediments, risks, and stakeholder training/engagement. Qualifications
Basic Qualifications: Bachelor’s Degree with at least 7 years of information security, information technology, or risk management experience; or High School Diploma/GED with at least 9 years in these areas. At least 5 years of experience developing, evaluating, or implementing cybersecurity, technology, or risk assessment activities. Professional security or risk management certification (e.g., CISSP, CISM, CISA, CRISC, CIPP, or Open FAIR) is preferred. Preferred Qualifications
Master’s Degree (preferred). Knowledge of supervisory expectations in FFIEC IT Handbook, Federal Reserve Supervisory Letters, OCC Bulletins, or FDIC Financial Institution Letters. At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The salary ranges listed are location‑specific and subject to offer letter terms. Locations include McLean, VA; New York, NY; Plano, TX; and Richmond, VA. Other locations follow the salary range for that location. This role is eligible for performance‑based incentives, which may include cash bonuses and long‑term incentives. Capital One offers comprehensive benefits and a focus on well‑being. All applicants will be considered for employment without regard to any protected characteristic. Capital One is an equal opportunity employer (EOE) committed to non‑discrimination and a drug‑free workplace. We may consider qualified applicants with criminal histories in accordance with applicable laws. If you require accommodations during the application process, please contact Capital One Recruiting at 1‑800‑304‑9102 or via email for accommodations. The information provided will be used solely to provide needed accommodations. For technical support or questions about Capital One’s recruiting process, please contact Careers@capitalone.com. Capital One does not provide, endorse, guarantee, or assume liability for third‑party products or services listed on this site. Capital One Financial is made up of several entities, and postings may refer to Capital One Canada, Capital One Europe, or Capital One Philippines Service Corp depending on location.
#J-18808-Ljbffr