For years, the cybersecurity community has debated whether the CISO should report to the CIO or not. In regulated financial services, the answer is: both. The first-line CISO has operational responsibilities and reports to the CIO. The second-line Chief Tech Risk Officer (CTRO) and their Technology Risk Management (TRM) organization oversee cybersecurity but also have broader responsibilities for reliability, software quality, resilience, and other technology risks. The CTRO is independent, reports to the Chief Risk Officer, and oversees the work of the CISO and the CIO.
As the Director, Policy & Risk Reporting, you will provide thought leadership and strategic guidance as we update and maintain our portfolio of policies, standards, and procedures, as well as establish policy-level requirements for the first line. You will drive improvements to our reporting processes and ensure that materials meet our high bar for clarity, consistency, and message. You will oversee the coordination and drafting of our quarterly memo to the Risk Committee of the Board of Directors, partnering closely with our peers in the second line and our counterparts in the first line. You will support the development of technology and cyber risk content for a committee composed of members of the Executive Committee. Lastly, you will oversee additional risk reporting, including the TRM Forum and monthly business reviews.
The successful candidate will:
Be a seasoned leader with strong influence, problem-solving, and judgment skills
Have strong technical writing skills as well as verbal and visual communication skills
Be a strategic and critical thinker who has the ability to express a point of view supported by data (with both technical and non-technical audiences)
Possess high emotional intelligence
Be a self-starter who can work autonomously and take initiative
Have the ability to navigate “white space” or ambiguous situations
Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus
Basic Qualifications:
Bachelor’s degree or military experience
At least 5 years of experience with policy development or risk reporting
At least 5 years of experience in the financial services industry
At least 5 years of experience in technology, cybersecurity, or risk management
At least 2 years of experience as a people leader
Preferred Qualifications:
Master’s degree
Familiarity with industry frameworks such as NIST CSF, NIST 800-53, and/or COBIT
Knowledge of supervisory expectations
At least 2 years of experience working in an Agile environment
At least 3 years of experience as a people leader
Professional security management certifications, such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC)
Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.