Center 3 (19075), United States of America, McLean, Virginia

Manager, Cyber Risk and Analysis

Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity and managing technology risk.

Technology Risk Management (TRM) is a small organization that packs a big punch. The ~100 professionals in TRM are trusted experts who oversee ~14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk.

• Strategic thinker who is intellectually curious, thrives in a data-driven environment, effective influencer, demonstrates good judgment, excellent problem solver, and is a team player.
• Clear communicator with excellent verbal and written communication skills across levels of leadership
• Passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions
• Ability to manage multiple projects while maintaining superior results
• Ability to work cross-functionally, individually, and to lead work among a team
• Execution oriented and a self-motivator

• Coordinate and oversee TRM's quarterly Board memo to the Board of Directors
• Partner with TRM associates and subject matter experts across the lines of defense to develop presentations and other written materials for executive leadership, senior management, the Board of Directors, and external audiences
• Contribute to the development of TRM's internal strategy and annual objectives and key results
• Stay current on emerging cyber threats and potential implications to the firm
• Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve strategic objectives
• Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups
• Excellent verbal and written communication skills across levels of leadership
• Passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions
• Ability to manage multiple projects while maintaining superior results

• Bachelor's degree or military experience
• At least 3 years of experience coordinating projects involving multiple stakeholders
• At least 4 years of experience developing presentation and decision-making materials for senior level audiences
• At least 2 years of experience managing, consulting, auditing, or working in the fields of information security, technology, or risk management
• At least 2 years of experience developing, evaluating, or implementing cybersecurity or technology strategy or governance structures

• 1+ years of experience with cybersecurity, technology policies and with the policy making processes
• Experience with analyzing emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers
• Professional security management certifications, such as a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Controls (CRISC)