Manager, Data Protection Risk
Company: Capital One
Location: Waynesboro
Posted on: August 6, 2022
Job Description:
Center 2 (19050), United States of America, McLean,
VirginiaManager, Data Protection RiskThis position represents a
unique opportunity for those with hands-on cybersecurity technical
and operational experience who have a desire to leverage and
enhance that expertise in a risk management organization. This
individual will have the ability to use technical skills and cyber
subject matter expertise to provide effective oversight, credible
challenge, and expert advice to help manage and control risk
associated with data protection. This position will play a key and
influential role in assessing and challenging cybersecurity
capabilities and operational effectiveness to drive action against
areas of risk and concern. -As the Manager, Data Protection Risk
you will play a key role in the review, risk identification, risk
assessment, reporting, and effective challenge of cybersecurity
controls, operational capabilities, and associated processes. -
This individual will provide subject matter expertise and oversight
and effective challenge of key cybersecurity domains such as Data
Loss Prevention (DLP) and tokenization. -Technology Risk Management
(TRM) is a growing organization focused on providing expert advice,
credible challenge, and effective oversight of information security
and technology risk activities. - The Associates that make up the
TRM team are highly-skilled information security, cyber,
technology, and risk management professionals who bring a wealth of
experience to bear to deliver high-impact analysis and
recommendations that are rooted in direct knowledge of security and
technology. - -As part of the second line of defense, this position
will also collaborate closely with associates in first line Cyber,
Technology, the Lines of Business, as well as other second line of
defense risk management offices to perform and support evaluations
of the effectiveness of the firm's controls infrastructure and
offer independent advice and recommendations regarding ways to
further mature the firm's cyber risk management capabilities.
-Finally, as a member of a growing organization, you will have the
opportunity to shape and further refine your portfolio commensurate
with the priorities of the organization and the firm. - The
position affords opportunities for substantial growth. The demands
and high-visibility nature of this position require an expert with
a proven ability to work independently in a fast-paced environment
and who can begin contributing immediately. -
-Responsibilities:
- Play a lead role in identifying areas of cyber risk to provide
oversight, analysis, effective challenge, and risk-informed
recommendations for enhancement.
- Provide technical assessments of cybersecurity and controls
design and effectiveness.
- Draft assessments for senior management and other stakeholders,
to include regulatory agencies and the Board of Directors, as
needed.
- Review and provide effective challenge to first line data
protection processes
- Stay current on emerging cyber threats and potential
implications to the firm.
- Collaborate effectively with colleagues, stakeholders, and
leaders across multiple organizations to achieve objectives.
- Coordinate program-related activities and deliverables to
ensure effective collaboration within the team and across
stakeholder groups. -Basic Qualifications:
- High School Diploma or equivalent or military experience
- At least 2 years of hands-on cybersecurity operations
experience with enterprise-grade tools and processes
- At least 2 years of experience working with cybersecurity
technologies related to areas including Data Loss Prevention (DLP),
tokenization and/or encryption
- At least 1 year of experience with public cloud infrastructure
and security principles
- At least 4 years of experience managing, consulting, auditing,
or working in the fields of information security, technology, or
risk management -Preferred Qualifications:
- Experience with analysis of emerging threats and reports that
describe the implications of threat(s) and opportunities to
executives or senior decision-makers.
- Ability to communicate clearly and to interact effectively at
all levels of the organization, and to influence as warranted and
appropriate.
- Familiarity NIST Cybersecurity Framework controls, NIST 800-53,
ISO 27000-1, etc.
- At least 1 or more professional security management
certifications, such as a Certified Information Systems Security
Professional (CISSP), Certified Information Security Manager
(CISM), or Certified in Risk and Information Systems Control
(CRISC)
- Excellent written and verbal communication skills. - This role
requires the ability to articulate complex technical concepts in
clear, concise, actionable manner through both written products and
verbal communications.
- Passion and expertise in cybersecurity, with an ability to be
confident, respectful, and articulate when registering dissenting
or unpopular opinions.
- Ability to manage multiple projects while maintaining superior
results.
- Ability to work cross-functionally, individually, and to lead
work among a team.
- Execution oriented and a self-motivator. -At this time, Capital
One will not sponsor a new applicant for employment authorization
for this position.No agencies please. Capital One is an Equal
Opportunity Employer committed to diversity and inclusion in the
workplace. All qualified applicants will receive consideration for
employment without regard to sex, race, color, age, national
origin, religion, physical and mental disability, genetic
information, marital status, sexual orientation, gender
identity/assignment, citizenship, pregnancy or maternity, protected
veteran status, or any other status prohibited by applicable
national, federal, state or local law. Capital One promotes a
drug-free workplace. Capital One will consider for employment
qualified applicants with a criminal history in a manner consistent
with the requirements of applicable laws regarding criminal
background inquiries, including, to the extent applicable, Article
23-A of the New York Correction Law; San Francisco, California
Police Code Article 49, Sections 4901-4920; New York City's Fair
Chance Act; Philadelphia's Fair Criminal Records Screening Act; and
other applicable federal, state, and local laws and regulations
regarding criminal background inquiries.If you have visited our
website in search of information on employment opportunities or to
apply for a position, and you require an accommodation, please
contact Capital One Recruiting at 1-800-304-9102 or via email at .
All information you provide will be kept confidential and will be
used only to the extent required to provide needed reasonable
accommodations.For technical support or questions about Capital
One's recruiting process, please send an email to Capital One does
not provide, endorse nor guarantee and is not liable for
third-party products, services, educational tools or other
information available through this site.Capital One Financial is
made up of several different entities. Please note that any
position posted in Canada is for Capital One Canada, any position
posted in the United Kingdom is for Capital One Europe and any
position posted in the Philippines is for Capital One Philippines
Service Corp. (COPSSC).
Keywords: Capital One, Roanoke , Manager, Data Protection Risk, Executive , Waynesboro, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...