Capital One - Richmond, VA
posted 4 months ago
As a Director of Cyber Risk and Analysis at Capital One, you will be part of the Identity & Access Management (IAM) organization, working closely within our cyber security team and with extended technical teams to manage and improve our risk posture. We are seeking a dedicated and disciplined process and risk professional who excels in a team environment, displays strong leadership skills, and motivates others. This role requires proficiency in managing and directing your own work independently while influencing partners across the company and across multiple levels of the organization. You will have excellent communication skills, attention to detail, strong analytical skills, and the ability to quickly adapt to change. Self-motivation is key as you will have the opportunity to work with cross-functional teams in a collaborative environment that values your insight, encourages you to take on new responsibilities, promotes strategic thinking, and supports continuous learning and growth. Your responsibilities will include being the risk management thought leader and advisor to the IAM leadership team, serving as the subject matter expert on our risk management approach, frameworks, and processes. You will advise and guide our team to engineer technology and processes that remove risk from the environment and improve our daily operations in alignment with our strategic direction. Additionally, you will oversee the program management of IAM risk management, leading and collaborating with various teams to drive the execution to improve, create, and validate requirements, processes, controls, and metrics to measure process efficiency and effectiveness. You will be responsible for driving projects end-to-end, which may include the creation and maintenance of formal process documents and supporting artifacts. As the point of contact for IAM Risk to the IAM leadership team and partners across the company, you will proficiently tailor verbal and written communications to the audience's needs and levels, articulating our program's strategy, processes, intent, inputs and outputs, related failure modes, and measurements when representing the department in projects, meetings, reports, and communications. Furthermore, you will manage the issue resolution process by proactively identifying and mitigating risk related to the delivery of the projects and program, resolving complex problems where expertise is required to interpret against policies, guidelines, requirements, or processes. You will prepare the program and team for annual cyber assessments by working with the risk office to understand the assessment process and criteria, analyzing the program and team's gaps, and creating an action plan to remediate deficiencies.