Director, Advisory & Oversight Identity and Access Management, Technology Risk Management
Company: Capital One
Location: Charlottesville
Posted on: May 11, 2022
Job Description:
Center 1 (19052), United States of America, McLean,
VirginiaDirector, Advisory & Oversight Identity and Access
Management, Technology Risk ManagementCapital One is one of the
fastest growing organizations in the world today. The growth of the
business is being accelerated by leveraging innovative and emerging
technologies. We are serious about technology, we dream big, and we
execute: Capital One moved our entire enterprise to the public
cloud over the course of five years, fully exiting our data
centers. Just as we prioritize driving innovation through
technology, we equally prioritize cybersecurity and managing
technology risk. Technology Risk Management (TRM) is a small
organization that packs a big punch. The roughly seventy
professionals in TRM are trusted expert advisers who shape
decisions, challenge activities to ensure they meet our standards,
and generally oversee technology and information security risk
across the business and the central technology organization. TRM is
a second line organization, which means it is independent and sits
within the Risk Management organization.TRM plays a critical role
in ensuring that the company's risk-taking entities are aware of
the risks inherent in their activities and decisions, the impact of
their actions on the company at an enterprise level, and
opportunities to reduce, mitigate or avoid the risks altogether.
Associates within TRM are highly-skilled information security,
cybersecurity, site reliability engineering, technology, and risk
management professionals who have a wealth of experience and a
demonstrated ability to provide value added recommendations and
deliver high-impact results in their areas of
expertise.Cybersecurity and technology risk management are a
strategic priority at Capital One, with heavy engagement from the
Board, the Chief Executive Officer, and the executive committee. By
joining TRM, you will be providing these executives with the
trusted, independent voice they need to ensure our company's
technology risks are appropriately managed.The Role, Director -
Advisory & Oversight Identity and Access Management:We are
currently seeking a dynamic leader with significant experience in
engaging with business and technology leaders to identify and
mitigate cyber security risk. This individual will challenge our
business divisions to analyze, monitor, and manage cybersecurity
risk. The ideal candidate for this role will have a deep
understanding of cyber security risk, both from a technical and
risk management perspective. The associate in this role will lead a
team and a program to develop relationships and influence risk
taking across the organization, providing oversight and effective
challenge.Responsibilities:
- Play a lead role in identifying areas of cyber risk to provide
oversight, analysis, effective challenge, and risk-informed
recommendations.
- Provide and manage the production of technical assessments of
the effectiveness and design of cybersecurity controls
- Conduct assessments and draft assessment for senior management
and other stakeholders, to include regulatory agencies and the
Board of Directors, as needed.
- Manage a team of cybersecurity professionals. Set vision and
direction, manage performance and career development of
associates.
- Stay current on emerging cyber threats and risk management
approaches.
- Collaborate effectively with stakeholders and leaders across
multiple organizations to achieve objectives.
- Coordinate program-related activities and deliverables to
ensure effective collaboration within the team and across
stakeholder groups.Basic Qualifications:
- A Bachelor's degree or military experience
- At least 7 years of hands-on cybersecurity operations
experience
- At least 5 years of experience with cybersecurity, Identity &
Access management, Identity and Authorization, Active Directory,
Single Sign On and Privileged Access Management or a
combination
- At least 5 years of experience managing personnel
- At least 2 years of experience with public cloud infrastructure
and security principles
- At least 1 professional security management certification in
Certified Information Systems Security Professional (CISSP),
Certified Information Security Manager (CISM), Certified in Risk
and Information Systems Control (CRISC) or Security+ -
CompTIAPreferred Qualifications:
- Excellent written and verbal communication skills
- The ability to articulate complex technical concepts in clear,
concise, actionable manner through both written products and verbal
communications
- At least 2 years of experience managing, consulting, auditing,
or working in the fields of information security, technology, or
risk management
- Experience with analysis of emerging threats and reports that
describe the implications of threats and opportunities to
executives or senior decision-makers
- Ability to communicate clearly and to interact effectively at
all levels of the organization, and to influence as warranted and
appropriate
- Familiarity with financial sector regulatory practices and
second line of defense effective challenge
- Experience with performing risk
- Passion and expertise in cybersecurity, with an ability to be
confident, respectful, and articulate when registering dissenting
or unpopular opinions
- Ability to manage multiple projects while maintaining superior
results
- Ability to work cross-functionally, individually, and to lead
work among a team
- Execution oriented and a self-motivator
- Familiarity NIST Cybersecurity Framework controls, NIST 800-53,
ISO 27000-1No agencies please. Capital One is an Equal Opportunity
Employer committed to diversity and inclusion in the workplace. All
qualified applicants will receive consideration for employment
without regard to sex, race, color, age, national origin, religion,
physical and mental disability, genetic information, marital
status, sexual orientation, gender identity/assignment,
citizenship, pregnancy or maternity, protected veteran status, or
any other status prohibited by applicable national, federal, state
or local law. Capital One promotes a drug-free workplace. Capital
One will consider for employment qualified applicants with a
criminal history in a manner consistent with the requirements of
applicable laws regarding criminal background inquiries, including,
to the extent applicable, Article 23-A of the New York Correction
Law; San Francisco, California Police Code Article 49, Sections
4901-4920; New York City's Fair Chance Act; Philadelphia's Fair
Criminal Records Screening Act; and other applicable federal,
state, and local laws and regulations regarding criminal background
inquiries.If you have visited our website in search of information
on employment opportunities or to apply for a position, and you
require an accommodation, please contact Capital One Recruiting at
1-800-304-9102 or via email at
RecruitingAccommodation@capitalone.com. All information you provide
will be kept confidential and will be used only to the extent
required to provide needed reasonable accommodations.For technical
support or questions about Capital One's recruiting process, please
send an email to Careers@capitalone.comCapital One does not
provide, endorse nor guarantee and is not liable for third-party
products, services, educational tools or other information
available through this site.Capital One Financial is made up of
several different entities. Please note that any position posted in
Canada is for Capital One Canada, any position posted in the United
Kingdom is for Capital One Europe and any position posted in the
Philippines is for Capital One Philippines Service Corp.
(COPSSC).
Keywords: Capital One, Charlottesville , Director, Advisory & Oversight Identity and Access Management, Technology Risk Management, Executive , Charlottesville, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...