Director, Governance And Risk

The Director for Cyber Technical serves as an experienced technology leader in Capital One's Cyber organization as part of the Governance & Risk team. This is a visible, strategic, and high-impact leadership role as an advocate for continuous cyber program and process maturation. This individual is a cyber expert with a capacity to lead experts and also possesses the qualities of a skilled cyber governance Subject Matter Expert (SME). This individual brings operational depth and breadth across a broad range of cyber functions. We are seeking a dedicated and disciplined governance and risk professional, who excels in a team environment, displays strong leadership skills, and motivates others. They must be proficient in managing and directing their own work independently, while influencing partners across the company and across multiple levels of the organization. This person will have excellent communication skills, attention to detail, strong analytical skills, quickly adapts to change, and is self motivated.

Responsibilities include:

• Plays a key leadership role within Cyber's community of leaders, developing, communicating, and driving a risk-based and data-driven strategy and outcome-driven roadmaps in collaboration with peers across Technology, Lines of Business, and horizontal functions.
• Analyze and select alternatives based on threat, risk, desirability, feasibility, and viability.
• Keep abreast of advances in industry to address the threat landscape.
• Instills a culture that works toward the highest standards in cyber (safeguard the business) while ensuring that business requirements are understood and adhered to (enabling the business).
• With an innovative mindset, employs new cyber assurance approaches to mitigate risk around current and anticipated risks and/or breaches.
• Advances the company's overall mission to assess, improve and monitor cyber across the enterprise.
• Builds relationships, influences and collaborates with second-line Cyber Risk Management partners, as well as executives across both technology and the business.
• Guides the acquisition of professional services and tools for effective cyber governance.
• Establishes credibility throughout the organization by earning the reputation for being a dedicated leader and change agent.
• Facilitate build vs. buy decisions to identify optimal strategies for addressing business and technology risks.
• Develop and lead RFI/RFPs to assess the market and/or procure effective cyber solutions.
• Manage product level budgets, roadmaps, and strategies to lead service area direction out 18+ months.
• Maintain technical and risk credibility with your own team and with partners across the enterprise.
• Maintain close ties to various stakeholders, developers, and engineers across the company, ensuring the services we create meet their needs as products evolve.
• Iterate quickly and see the products through to production and scale.
• Establish product value propositions, metrics, and key indicators.

Basic Qualifications:

• Bachelor's Degree
• At least 7 years experience in cybersecurity or technology
• At least 5 years experience in product management
• At least 5 years experience in Governance and risk management
• At least 5 years experience in people management

Preferred Qualifications:

• 9+ years of project management experience
• 8+ years of experience in change management in a technical environment
• 5+ years of experience working with industry frameworks such as NIST CSF, FFIEC CAT, CIS RAM, FAIR and PCI DSS
• 5+ years of experience developing, implementing, and managing Governance, Risk, & Compliance (GRC) frameworks and programs.
• Experience in a regulated environment
• Financial services industry experience

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

This role is expected to accept applications for a minimum of 5 business days. No agencies please.