Review and challenge first line periodic and change-driven risk assessments, including risk sizing, control suite adequacy and mitigation plan relevance
Lead independent risk analysis workshops and scope/facilitate cross-functional risk workshops
Apply quantitative and qualitative risk assessment methodologies and understand the stack of controls
Systematically review, analyze, aggregate and compare outputs of different assessments to enable robust challenge across assessments
Prepare executive reports summarizing TDRM’s point of view on technology risks
Research industry trends and internal data to substantiate risk management decisions and make recommendations
Influence 1st Line to drive definition and prioritization of high leverage risk reduction initiatives
Provide expert guidance and mentorship across TRM and foster strong working relationships with 1st and 2nd Line groups
Develop and implement plans to orchestrate the operational rollout of risk methodology changes
Shape and further refine the risk program and operate with autonomy and empowerment from senior leadership
Requirements
Bachelor’s degree or military experience
At least 6 years of experience managing, consulting, or auditing in the fields of risk management, information security or technology
At least 5 years of experience performing or challenging risk assessments leveraging qualitative and quantitative methodologies (COSO Framework, quantitative analysis, Factor Analysis Information Risk (FAIR), Process, Risk & Control (PRC) library, Risk and Control Self Assessment (RCSA), scenario analysis, new initiative risk assessments)
Professional security management certification (Open FAIR, CISSP, CISM, CISA, or CRISC)
At this time, Capital One will not sponsor a new applicant for employment authorization for this position
Preferred: Master’s degree in Information Technology, Cybersecurity, or equivalent
Preferred: 5+ years of experience communicating and presenting data to both technical and non-technical audiences
Preferred: 5+ years of experience applying risk quantification methodologies and rolling out risk framework changes
Preferred: 4+ years of experience interacting with different stakeholders and leaders across multiple organizations
Preferred: 4+ years of experience in a second-line or oversight role at a financial institution or regulatory agency
Strong communication, teaching, influencing, persuasion, and problem-solving skills
Passion and expertise in technology and cybersecurity domains
Benefits
This role is also eligible to earn performance-based incentive compensation, which may include cash bonus(es) and/or long-term incentives (LTI).
Incentives could be discretionary or non-discretionary depending on the plan.
Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being.
Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
Learn more at the Capital One Careers website.
ATS Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
risk assessment
quantitative analysis
qualitative analysis
COSO Framework
Factor Analysis Information Risk (FAIR)
Process, Risk & Control (PRC) library
Risk and Control Self Assessment (RCSA)
scenario analysis
risk quantification methodologies
risk framework changes