Manager - Operational Risk Challenge & Advisory, Cyber Risk & Analysis
1 month ago
Manager - Operational Risk Challenge & Advisory, Cyber Risk & Analysis
Risk Advisors at Capital One are highly motivated Risk and process management professionals with excellent analytical, organizational, risk management, project management, and communication skills. These skills allow us to gain insights, and act as a change agent to influence our business partners. As Capital One evolves to meet the ever-changing technology landscape, so do our risk managers. A successful Risk Advisor operates from a foundation of knowledge about the Line of Business with whom they are working, including processes, risks and associated controls, and good risk management practices. They are forward thinking, quick to adapt, and technologically adept with a background that includes technical skill sets. Risk Advisor have a broad level of exposure across the lines of business and have the opportunity to work with the business to create and implement solutions to appropriately manage risks within Enterprise Services. The demands and high-visibility nature of this position require an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately to work focused on performing technical assessments across technology and cybersecurity domains.
The Operational Risk, Challenge and Analytics group provides second line oversight for operational risk and is responsible for ensuring current and emerging risks are appropriately identified and managed through Enterprise Risk governance policies and procedures. Operational Risk Advisors are the liaisons between Operational Risk Management (ORM) and first line business partners serving as both an effective challenger and a trusted advisor. Our teams are integrated into multiple dimensions of first line risk identification and mitigation activities.
This position - Operational RIsk Advisor supporting Enterprise Services on the Operational Risk, Challenge and Advisory team - will play a key role in the organization's second line of defense risk identification program by providing expertise in assessing both tech and non-tech operational risk areas. This role will focus on enhancing the organization's cybersecurity and technology risk posture and supporting the identification and assessment of enterprise-level technology and cybersecurity risks. As part of the second line of defense, you will collaborate closely with associates in cybersecurity, technology, the lines of business, and other risk management offices in the various lines of business, to perform and support evaluations of the firm's risk posture and offer independent advice and value-add recommendations regarding ways to reduce risks. Having the ability to understand and translate data-driven analysis, business drivers, initiatives and priorities into technology and cybersecurity risks is critical to ensure proper advising to business stakeholders. While a strong foundation of technology, cybersecurity, and risk management expertise is required to support core assessment responsibilities, being able to engage as a trusted business risk advisor to deliver high-impact results in their area(s) of expertise is a core expectation for the role.
A strong candidate is passionate and proficient in technology, cyber risk, industry, and regulatory trends, who is intellectually curious and stays current on emerging cyber threats, technologies, and potential implications for the company. This candidate has a team-first attitude and is comfortable building relationships and collaborating with the team and other partners and stakeholders to get the work done. This candidate is execution oriented, a self-motivator in an ambiguous environment, can manage multiple projects while maintaining superior results, can successfully work in a fast-paced environment, and is able to quickly come up to speed with the business and technology environments with which they will be working. This candidate also will have excellent verbal and written communication skills (tailored to the audience) and can concisely and logically explain complex/technical topics.
Responsibilities:
- Core Assessment Responsibilities
- Perform the review and effective challenge of technology and cybersecurity risks through first-line assessment activities (i.e., Division and Business Unit risk and control self assessment activities, Process Level Assessments), to include providing expertise and advice on risk themes and mitigating activities
- Perform the review and effective challenge of technology and cybersecurity risks through first-line change-drive assessment activities (i.e., new, expanded, or modified products and services)
- Perform review and effective challenge of the completeness of the first-line annual critical business process (CBP) inventory
- Monitor, report, and escalate first-line's cybersecurity and technology metric performance, identify changes or trends in the risk profile, draft relevant commentary, and brief senior management
- Develop reports to support assessment results and present these results to the team, business executives, and other stakeholders
- Advisory/Team Responsibilities
- Be a trusted advisor and guide/drive effective and relevant Tech and Cyber risk conversations with Line of Business leadership and their teams (e.g., aligning to or providing insights in support of strategic priorities or objectives for the business, increasing risk accountability, etc.)
- Support and contribute in discussions to enable the identification, assessment, management, and reporting of key technology and security risks and control related issues
- Communicate in a compelling manner, with a strong point of view, to any audience, including internal and external stakeholders
- Navigate regulatory and compliance requirements as an approachable and effective partner to develop solutions in response to Line of Business focus areas
- Collaborate effectively and build trusted relationships with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives.
- Coordinate project-related activities and deliverables to ensure effective collaboration, teamwork, and influence with and beyond the immediate team and across stakeholder groups.
- Operate a continuous improvement approach by reviewing and challenging the design and operation of processes
- Support assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed.
Basic Qualifications:
- Bachelor's Degree or military experience
- At least 4 years of experience in information security or technology risk management
- At least 4 years of experience supporting, partnering, and interacting with internal business clients
- At least 4 years of experience with information security, technology policies, standards or procedures
- At least 3 years of experience developing, evaluating, or implementing information security programs
Preferred Qualifications:
- At least 5 years of experience in information security or technology risk management
- At least 5 years of project management experience leading cross functional projects and programs
- At least 4 years of experience with analysis of information security or technology threats and risks
- At least 4 years of experience in information security or technology risk identifications and assessments associated with new or changed initiatives
- Background in the financial services industry
- Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM)
- Ability to set direction, manage expectations, and lead cross-functional teams
- Ability to communicate and influence clearly and to interact effectively at all levels of the organization
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
This role is expected to accept applications for a minimum of 5 business days.
No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
For technical support or questions about Capital One's recruiting process, please send an email to
Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.
Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
-
Principal Associate
1 month ago
Richmond, United States Capital One Full timeWest Creek 3 (12073), United States of America, Richmond, VirginiaPrincipal Associate - Operational Risk Challenge & Advisory, Cyber Risk & AnalysisRisk Advisors at Capital One are highly motivated Risk and process management professionals with excellent analytical, organizational, risk management, project management, and communication skills. These skills...
-
Principal Risk Specialist
2 months ago
Richmond, United States Capital One Financial Corp Full timeWest Creek 3 (12073), United States of America, Richmond, Virginia Principal Risk Specialist - Operational Risk Challenge and Advisory (Commercial) Can you build relationships as well as develop and implement innovative solutions? As a Principal Risk Specialist at Capital One you'll be responsible for working with business partners to identify and mitigate...
-
Sr. Director, Cyber Risk
1 month ago
Richmond, United States Capital One Full timeCenter 2 (19050), United States of America, McLean, VirginiaSr. Director, Cyber Risk & Analysis | Retail BankSummary:Capital One, a Fortune 500 company and one of the nation's top 10 banks, offers a broad spectrum of financial products and services to consumers, small businesses and commercial clients. Our mission is to create one of the nation's great...
-
Healthcare Risk Advisor
3 weeks ago
Richmond, United States Unison Risk Advisors Full timeWorking at RCM&D and SISCO is ideal for those seeking a challenging, rewarding and upwardly mobile career in risk management, insurance and employee benefits. Dedicated to fostering their continued success and growth, we are deeply invested in our employees. Job Summary: RCM&D is currently searching for an Insurance Advisor in our Healthcare Practice Group....
-
Manager, Cyber Risk
4 weeks ago
Richmond, United States Capital One Full timeCenter 1 (19052), United States of America, McLean, VirginiaManager, Cyber Risk & Analysis - Technology Audit (Hybrid)Capital One's Audit function is a dedicated group of professionals focused on delivering top-quality assurance services to the organization's Audit Committee. Audit professionals are experienced, well-trained and credentialed, and operate...
-
Principal Risk Specialist
4 weeks ago
Richmond, United States Capital One Financial Corp Full timeProvide 2nd line effective challenge and advice to the Commercial 1st line on their execution of various risk assessment processes, including Risk and Control Self Assessments (RCSA), Process Level Assessments (PLA), Product Risk Assessment (PRA), La Risk, Commercial, Advisor, Internal Auditor, Specialist, Operation, Accounting
-
Cybersecurity and Operational Risk Advisor
5 days ago
Richmond, Virginia, United States Capital One Full timeAbout the RoleCapital One is seeking a highly motivated and experienced Operational Risk Manager to join our Cybersecurity and Advisory team. As a key member of our team, you will play a critical role in identifying, assessing, and mitigating operational risks associated with technology and cybersecurity.Key ResponsibilitiesPerform reviews and effective...
-
Manager, Cyber Risk
1 month ago
Richmond, United States Capital One Full timeCenter 3 (19075), United States of America, McLean, VirginiaManager, Cyber Risk & Analysis (Machine Learning)The Enterprise Services Business Risk Office provides risk management support to several lines of business including: Tech, Digital, Brand, Enterprise Supplier Management, Capital One Ventures, External Affairs, Capital One Software (COS) and...
-
Senior Risk Management Advisor
2 weeks ago
Richmond Heights, Virginia, United States Capital One Financial Corp Full timeLocation: United States of AmericaPosition: Principal Risk Specialist - Operational Risk Challenge and Advisory (Commercial)Overview: Are you skilled at fostering relationships and crafting innovative strategies? As a Principal Risk Specialist at Capital One, you will collaborate with business partners to pinpoint and alleviate potential risks. Your role is...
-
Senior Risk Management Specialist
2 weeks ago
Richmond Heights, Virginia, United States Capital One Financial Corp Full timeLocation: United States of AmericaPosition: Principal Risk Specialist - Operational Risk Challenge and Advisory (Commercial)Are you skilled at fostering relationships and crafting innovative strategies? As a Principal Risk Specialist at Capital One, you will play a crucial role in collaborating with business partners to identify and alleviate potential risks...
-
Principal Associate Cyber Risk
3 weeks ago
Richmond, United States Capital One Full timeCenter 1 (19052), United States of America, McLean, VirginiaPrincipal Associate Cyber Risk & Analysis, Technology Audit (Hybrid)Capital One's Audit function is a dedicated group of professionals focused on delivering top-quality assurance services to the organization's Audit Committee. Audit professionals are experienced, well-trained and credentialed, and...
-
Senior Risk Management Specialist
2 weeks ago
Richmond, Virginia, United States Capital One Financial Corp Full timeRole OverviewThe Principal Risk Specialist plays a critical role in ensuring the integrity of risk management processes within Capital One Financial Corp. This position involves providing robust and effective challenge and guidance to the Commercial first line in their execution of various risk assessment methodologies.Key ResponsibilitiesDeliver expert...
-
Richmond, United States Capital One Full timeWest Creek 3 (12073), United States of America, Richmond, VirginiaSenior Manager, Methodologies and Practices, Technology Risk ManagementCapital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to...
-
Cyber Security Analyst
7 days ago
Richmond, Virginia, United States Capital One Full timeAbout the RoleWe are seeking a highly skilled Cyber Security Analyst to join our team at Capital One. As a key member of our Cyber Governance & Risk division, you will play a critical role in helping us reduce cyber risk and drive business growth.Key ResponsibilitiesDevelop and implement effective information security standards and procedures to ensure...
-
Senior Risk Manager
3 weeks ago
Richmond, United States Capital One Full timeWest Creek 3 (12073), United States of America, Richmond, VirginiaSenior Risk Manager Capital One is seeking an energetic, self-motivated Senior Manager to join the Third Party Risk Management (TPRM) Team within the Operational Risk Management second line of defense. The TPRM team is a dedicated group of professionals whose mission is to provide value-add,...
-
Senior Risk Management Specialist
19 hours ago
Richmond, Virginia, United States FedTec Full timeAbout the OpportunityThis critical role will support Enterprise Risk Management across all Virginia Housing programs and projects, assigned to initiatives with risk components.The Risk Management Specialist will assist in conducting risk assessments for departments, processes, and systems.The Risk Management Specialist is also responsible for assisting with...
-
Enterprise Risk Management Specialist
3 days ago
Richmond, Virginia, United States Fedtec Full timeJob DescriptionAbout the OpportunityFedtec is seeking a highly skilled Enterprise Risk Management Specialist to support the company's risk management efforts across all business areas and vendor engagements. The ideal candidate will have a strong background in risk management, governance, and compliance, with experience working with risk and security...
-
Senior Risk Manager
7 days ago
Richmond, Virginia, United States Capital One Full timeAbout the RoleWe are seeking a highly skilled and experienced Senior Risk Manager to join our Third Party Risk Management (TPRM) Team within the Operational Risk Management second line of defense at Capital One.Key ResponsibilitiesLead the Risk Advice and Challenge function to the first line of defense, providing guidance and oversight to ensure effective...
-
Senior Manager-Technology Risk Manager
2 months ago
Richmond, United States Capital One Financial Corp Full timeWest Creek 4 (12074), United States of America, Richmond, Virginia Senior Manager-Technology Risk Manager Senior Risk Managers at Capital One are highly motivated Risk Management professionals with excellent project management, analytical and communication skills. They have a high level of exposure across lines of business and the opportunity to work with...
-
Richmond, Virginia, United States Recruiters Full timeLocation: United StatesPosition Overview:We are seeking a dynamic and proactive Senior Risk Management Associate to become a vital part of our Operational Risk Control Assessment team. This specialized group is dedicated to executing oversight responsibilities within the second line of defense for our organization.The Risk Associates will engage in...
