What you'd actually do

Lead Tech and Cyber risk advisor for a multi year technology transformation program

Partner with product and engineering teams to assess artifacts (customer journeys, Product Requirement Documents, architectures) and technology transformations to identify risks and build proactive mitigation plans.

Lead risk assessments for technology change initiatives, ensuring non-compliance areas are identified, documented, and remediated prior to deployment.

Cultivate robust partnerships with control owners and various stakeholders to drive agreement on strategies for risk mitigation and remediation.

Rationalize controls (tech, cyber, data) focusing on key risks and alignment with technology processes.

Manager, Cyber Risk & Analysis

As a Manager, you will apply your technical expertise, risk management acumen, and project management skills to drive Risk Management Strategy for a major technology modernization program within Capital One’s Retail Bank Division. This high-visibility role involves partnering closely with technology and product executives to identify and mitigate risks across technology, cyber, data, and resiliency domains. You will collaborate with passionate and intelligent teams with the shared goal of ensuring program risks are effectively addressed.

The ideal candidate will possess a solid understanding and hands-on experience of risk management frameworks (such as NIST 800-53, NIST CSF), technology functions, and organizational structures. Success in this role requires first-rate communication, strong analytical capabilities, strategic thinking, planning, and organizational skills.

This position reports to the Tech & Cyber Risk Director within the Retail Bank.

Responsibilities:

Lead Tech and Cyber risk advisor for a multi year technology transformation program
Partner with product and engineering teams to assess artifacts (customer journeys, Product Requirement Documents, architectures) and technology transformations to identify risks and build proactive mitigation plans.
Lead risk assessments for technology change initiatives, ensuring non-compliance areas are identified, documented, and remediated prior to deployment.
Cultivate robust partnerships with control owners and various stakeholders to drive agreement on strategies for risk mitigation and remediation.
Rationalize controls (tech, cyber, data) focusing on key risks and alignment with technology processes.
Leverage industry-standard risk frameworks (e.g., NIST, ISO, COBIT) to drive continuous program enhancements and proactively mitigate emerging threats to the business.
Influence updates to policies, standards, control description to enhance risk management activities.
Foster strong partnerships with line of business risk offices and team members to analyze how technology risk influences essential business processes.
Demonstrate high-level organizational agility and communication skills to influence outcomes and inform stakeholders across all levels of the organization.
Coordinate and prepare for internal and external audits, and assist with the response process.

Basic Qualifications:

At least 4 years experience in System Transformation, Cybersecurity, Technology, Consulting, Audit or Risk Management
At least 4 years of experience managing multiple projects or initiatives

Preferred Qualifications:

Experience in a Large Financial Services industry or Big4 consulting organization
Hands-on experience in Technology, Software Engineering or Risk Management
Experience in leading large system transformation initiatives as a Risk Manager
Cybersecurity and technology risk certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM) or related certifications

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked.

McLean, VA: $164,800 - $188,100 for Manager, Cyber Risk & Analysis

Richmond, VA: $149,800 - $171,000 for Manager, Cyber Risk & Analysis

Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate’s offer letter.

This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

This role is expected to accept applications for a minimum of 5 business days.

No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City’s Fair Chance Act; Philadelphia’s Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Manager, Cyber Risk & Analysis

This position reports to the Tech & Cyber Risk Director within the Retail Bank.

Responsibilities:

Lead Tech and Cyber risk advisor for a multi year technology transformation program
Partner with product and engineering teams to assess artifacts (customer journeys, Product Requirement Documents, architectures) and technology transformations to identify risks and build proactive mitigation plans.
Lead risk assessments for technology change initiatives, ensuring non-compliance areas are identified, documented, and remediated prior to deployment.
Cultivate robust partnerships with control owners and various stakeholders to drive agreement on strategies for risk mitigation and remediation.
Rationalize controls (tech, cyber, data) focusing on key risks and alignment with technology processes.
Leverage industry-standard risk frameworks (e.g., NIST, ISO, COBIT) to drive continuous program enhancements and proactively mitigate emerging threats to the business.
Influence updates to policies, standards, control description to enhance risk management activities.
Foster strong partnerships with line of business risk offices and team members to analyze how technology risk influences essential business processes.
Demonstrate high-level organizational agility and communication skills to influence outcomes and inform stakeholders across all levels of the organization.
Coordinate and prepare for internal and external audits, and assist with the response process.

Basic Qualifications:

At least 4 years experience in System Transformation, Cybersecurity, Technology, Consulting, Audit or Risk Management
At least 4 years of experience managing multiple projects or initiatives

Preferred Qualifications:

Experience in a Large Financial Services industry or Big4 consulting organization
Hands-on experience in Technology, Software Engineering or Risk Management
Experience in leading large system transformation initiatives as a Risk Manager
Cybersecurity and technology risk certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM) or related certifications

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

McLean, VA: $164,800 - $188,100 for Manager, Cyber Risk & Analysis

Richmond, VA: $149,800 - $171,000 for Manager, Cyber Risk & Analysis

This role is expected to accept applications for a minimum of 5 business days.

For technical support or questions about Capital One's recruiting process, please send an email to Careers@capitalone.com

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Manager, Cyber Risk & Analysis

What you'd actually do

Skills

Required

Nice to have

What the JD emphasized