Get new jobs for this search by email

Senior Manager - TRM Script Governance Technology Risk Management (TRM) is a growing organization focused on providing expert advice, credible challenge, and effective oversight of information security and technology activities to identify, assess, control, and manage technology risk throughout the company. This organization plays a critical role in helping to ensure the company’s risk-taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions at an enterprise level, and opportunities to reduce, mitigate, or avoid the risks altogether. Associates within TRM are highly-skilled information security, cyber, technology, and risk management professionals who have a wealth of experience and a demonstrated ability to provide value-added recommendations and deliver high-impact results in their area(s) of expertise. This position – Sr Manager, TRM Script Governance – will play a key role in the organization’s second line of defense independent controls review program by leading an enterprise-level governance program for registering and inventorying scripts, developing and implementing ongoing enterprise-level requirements on scripts, and helping to develop and implement adequate controls around scripts and providing training to the first line on how to appropriately govern its scripts. Additionally, this role may provide technical expertise in assessing the overall effectiveness of the company’s technology (including both cybersecurity and technology) controls environment. As a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Lead in the development of standard requirements for scripts across the enterprise and provide updates to executive leadership on the status of the project. Provide guidance and training to the first line on script governance implementation. Build a second line challenge program for script governance and collaborate with other independent risk organizations in developing this program. Lead the development of compliance monitoring and controls over script registration and ongoing governance. Lead the ongoing second line governance and assurance over the enterprise script governance program. Manage testing of independent controls review of cybersecurity and technology control environments. Perform detailed reviews of team’s assessments of first line control testing programs to determine sufficiency of processes and effectiveness of execution. Provide oversight of staff using scripting languages and/or advanced spreadsheet calculations to analyze the control inventory and perform scoping for control challenges. Provide challenge, expertise and advice on enhancing the design, effectiveness, and maturity of the company’s technology controls and capabilities. Stay current on emerging cyber threats, technologies, controls, and potential implications for the company. Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups. Collaborate effectively and build trusted relationships with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives. Communicate in a compelling manner to any audience, including internal and external stakeholders. Basic Qualifications: Bachelor’s degree or military experience. At least 7 years of experience managing, consulting, auditing, or working in the fields of information security or information technology. At least 2 years of experience in project management. At least 3 years of experience in people management. Preferred Qualifications: Masters degree in Data Science, Cybersecurity or Information Technology. Experience working for internal audit or risk management in financial services or other highly-regulated sectors. Experience with Python, SQL, or advanced excel functions (Pivot tables, VLOOKUP). Professional security management certifications, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Project Management Professional (PMP). Experience with data governance or data analytics. Experience working in Cloud environments. At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum full-time annual salaries for this role are listed below, by location: McLean, VA: $170,800 - $194,900 for Sr. Risk Manager. Richmond, VA: $155,300 - $177,200 for Sr. Risk Manager. Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate’s offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. This role is expected to accept applications for a minimum of 5 business days. No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace.

#J-18808-Ljbffr