Sr. Manager, Technology Change Risk Oversight

$234,700 - $267,900/Yr

Capital One - McLean, VA

posted 10 days ago

Full-time - Senior
McLean, VA
51-100 employees
Credit Intermediation and Related Activities

About the position

The Senior Manager, Technology Change Risk Oversight at Capital One plays a crucial role in overseeing technology processes, controls, and capabilities, particularly focusing on high-risk technology changes. This position requires collaboration with various teams to ensure effective risk management and the implementation of best practices in technology and cybersecurity. The role demands a strong technical background and the ability to communicate complex technology solutions to diverse audiences, while also providing independent assessments and recommendations to enhance the firm's cyber risk management capabilities.

Responsibilities

  • Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions.
  • Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security.
  • Evaluate/assess complex technological and business environment migrations to the cloud.
  • Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders.
  • Keep up-to-date on cutting edge technology, standards, protocols and tools relevant to Capital One.
  • Demonstrate strong analytical, problem-solving, and decision-making skills.
  • Communicate and drive highly complex technology solutions to broad audiences.
  • Define, structure and plan work independently.
  • Perform independent risk assessment of the cloud environment.
  • Provide expertise and advice regarding the effectiveness of device configurations and IT architecture.
  • Consult with risk owners on the design and implementation of mitigating controls.
  • Draft and publish independent reports for risk owners and senior management.

Requirements

  • Bachelor's Degree or military experience
  • At least 5 years of experience managing, consulting, auditing, or working in information security or information technology
  • At least 3 years experience with Public Cloud implementations

Nice-to-haves

  • Master's Degree in Computer Science or Engineering
  • Professional certification (AWS Certified Solutions Architect, AWS Certified Security Specialty, AWS SysOps Administrator, or CISSP)
  • Experience with Information Security at the policy, architecture or implementation level
  • Ability to communicate clearly and interact effectively at all levels of the organization
  • Experience with identifying and communicating key risks related to cloud native implementations
  • Experience drafting reports or analytic assessments for senior management
  • Experience with analysis of emerging threats
  • Passion and expertise in cybersecurity and technology risk
  • Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK)
  • Familiarity with controls and control frameworks (NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT)
  • Prior experience working in financial services or other highly-regulated sectors

Benefits

  • Comprehensive health benefits
  • Financial benefits including performance-based incentives
  • Inclusive workplace culture
  • Opportunities for professional development

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service