Capital One
Director of Business Risk Management for Enterprise Services
Capital One, York, Pennsylvania, United States, 17404
Join Capital One as a Director of Business Risk Management for our Enterprise Services Risk Office. Capital One is recognized as one of the top 10 banks in the nation, providing a diverse array of financial products and services tailored to consumers, small businesses, and commercial clients. We foster an inclusive work environment that values a variety of thoughts, ideas, and backgrounds, and we invite innovative, collaborative, and skilled professionals to help us redefine the financial landscape.
In this pivotal role, you will lead the charge in developing and implementing effective technology risk solutions that support innovation while safeguarding our customers, shareholders, and partners. You'll collaborate with various teams, including Divisional CIOs and Information Security professionals, to ensure that we have robust risk management practices in place.
Your responsibilities will include:
Acting as the Technology Risk Guide leader, driving risk initiatives across our business lines.
Collaborating with Enterprise Services Business Risk leadership to fulfill strategic goals.
Providing oversight on critical Technology initiatives, focusing on enhancing architectures that align with business objectives.
Advising interdepartmental stakeholders on technology risks and compliance measures.
Identifying and implementing improvements based on industry standards related to technology risk management.
Collecting and analyzing risk and control data to support informed decision-making.
Engaging with leaders across various departments to address technology risks.
Developing and monitoring risk analysis activities and initiatives aimed at reducing overall risk.
Supporting Risk Control and Self Assessments (RCSAs) to strengthen our practices.
Conducting thorough reviews of current capabilities using established risk frameworks and industry benchmarking.
Writing and revising procedures, policies, and guidelines, and crafting presentations that enhance our risk methodologies.
Basic Qualifications:
Bachelor's Degree or military experience.
Minimum of 8 years in Cybersecurity, Technology, or Internal/External Audit.
At least 8 years' experience leading IT audits or risk assessments.
5+ years of People Management experience.
5+ years in data management and analysis in cloud environments.
5+ years of experience with compliance frameworks like SOC2, ISO27001, PCI, and NIST SP 800-53.
Preferred Qualifications:
12+ years in Cybersecurity, Technology, or Audit roles.
Certifications such as CISSP, CISA, CRISC, CISM, or AWS Security preferred.
10+ years performing Control Self Assessments (CSAs) against risk frameworks.
10+ years’ support of compliance frameworks like SOC2, ISO27001, PCI, and NIST SP 800-53.
10+ years of data analysis supporting internal assessments.
3+ years of CI/CD, DevOps, or SDLC framework experience.
3+ years of Application Architecture review experience.
3+ years of experience in the Financial Services industry.
Excellent verbal and written communication skills for effective stakeholder interaction.
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
The minimum and maximum full-time annual salaries for this role are as follows: Chicago, IL: $205,400 - $234,400; McLean, VA: $226,000 - $257,900; New York, NY: $246,500 - $281,300; Richmond, VA: $205,400 - $234,400. Salaries are subject to location-based adjustments. This position is also eligible for performance-based incentive compensation, including cash bonuses and long-term incentives.
Explore Capital One's comprehensive health, financial, and other benefits designed to support your well-being.
If you require an accommodation during the application process, please contact Capital One Recruiting. All information provided will be kept confidential. Capital One is an equal opportunity employer committed to non-discrimination. We support a drug-free workplace and consider for employment qualified applicants with a criminal history.