מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר
Capital One Director Metrics Strategy United States, Virginia, Richmond 778278568
For years, the cybersecurity community has debated whether the CISO should report to the CIO or not. In regulated financial services, the answer is: both. The first-line CISO has operational responsibilities and reports to the CIO. The second-line Chief Tech Risk Officer (CTRO) and their Technology Risk Management (TRM) organization oversee cybersecurity but also have broader responsibilities for reliability, software quality, resilience, and other technology risks. The CTRO is independent, reports to the Chief Risk Officer, and oversees the work of the CISO and the CIO.
As the Director, Metrics Strategy, you will create a strategy for how to use metrics to drive change; help us update our suite of metrics for cybersecurity, technology risk, and developer quality; and drive the implementation of those metrics to effect systemic change. You will be an independent contributor who will partner with subject matter experts in TRM and across all three lines of defense.
Responsibilities:
Understand our current approach and develop a strategy to better use metrics, dashboards, and governance fora to drive change. The intended audience starts at the program manager level and progresses up through the Board of Directors and formal risk appetite metrics.
Develop suites of metrics across the technology, technology risk, and cybersecurity domains, aligned to industry frameworks.
Engage stakeholders across the first, second, and third lines of defense to align on the metrics and thresholds.
Dive deeply into different domains to understand the shortcomings and limitations of metrics and ensure they are appropriately documented and communicated.
Monitor metrics, investigate anomalies, and escalate necessary response actions.
Basic Qualifications:
Bachelor’s degree or military experience
At least 10 years of experience in cybersecurity or technology risk
At least 2 years of experience in cybersecurity or technology risk metrics
At least 2 years of experience with governance fora
Preferred Qualifications:
Bachelor’s degree in computer science, mathematics, or engineering.
Master’s degree in computer science, mathematics, or engineering.
At least 10 years of experience in cybersecurity or technology risks related to resilience, reliability, or code quality (e.g., the DORA work).
At least 2 years of experience in cloud computing.
An understanding of more than one of the following domains: cybersecurity, site reliability engineering, dev/ops, and developer excellence.
Experience revamping an organizational metrics program.
Experience with governance fora in which senior leaders use metrics to manage their organizations.
Execution oriented and a self-motivator.
Ability to collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus, socialize strategy, and achieve objectives.
Passion and expertise in technology risk and cybersecurity domains, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions.
Critical analytical thinker, including the ability to express a point of view supported by data (with both technical and non-technical audiences).
. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
משרות נוספות שיכולות לעניין אותך
