Capital One Senior Manager Cyber Technical 

United States, Virginia, Arlington 

285980237

The Senior Risk Manager,CyberOperations will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of cybersecurity controls, operational capabilities, and associated processes. This individual will provide subject matter expertise and oversight and effective challenge of key cybersecurity domains such as cloud security, data protection/data loss, incident response, endpoint security, network security, and security infrastructure and tools.

Technology Risk Management (TRM)'s second line of defense function is a growing organization focused on providing expert advice, credible challenge, and effective advisory and oversight of technology andcyberrisks. TRM Associates are highly-skilledcyber, technology, and risk management professionals who bring a wealth of experience to deliver high-impact analysis and recommendations that are rooted in direct knowledge ofcyberand technology.

As part of the second line of defense, you will collaborate closely with associates in operational divisions in first lineCyber, Technology, the lines of business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm’scybercontrols infrastructure, and offer independent advice and recommendations regarding ways to further mature the firm’scyberrisk management capabilities.

Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the firm. The position affords opportunities for substantial growth. The demands and high-visibility nature of this position require an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately.

Responsibilities:

• Play a lead role in identifying areas ofcyberrisk to provide oversight, analysis, effective challenge, and risk-informed recommendations for enhancement

• Providetechnicalassessments of cybersecurity and controls design and effectiveness

• Draft assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed

• Stay current on emergingcyberthreats and potential implications to the firm

• Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives

• Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups

• Proven track record of leading, mentoring, and influencing others.

• Prior experience as a team leader ortechnicallead

• Ability to communicate clearly in written and verbal form

• Ability to influence effectively at all levels of the organization

• Ability to manage multiple projects while maintaining superior results

• Ability to work cross-functionally, individually, and to lead work among a team

• Execution oriented and a self-motivator

Basic Qualifications:

• Bachelor’s degree or military experience

• At least 5 years of experience in a security operations center (SOC)

• At least 5 years of experience withcybertechnologies

• At least 3 years of experience with AWS security suite

• At least 2 years of audit or risk management experience

Preferred Qualifications:

• 2+ years of consulting experience

• 2+ years of digital forensics and incident response (DFIR) experience

• Familiarity with NIST Cybersecurity Framework controls, NIST 800-53, ISO 27000-1

• Professionalcybercertification

• Professional AWS certification (Solutions Architect, Security Specialty)

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.