Sr. Manager, Info Sec Analysis (USA)

Company Name: Capital One
Title: Sr. Manager, Info Sec Analysis (USA)
Location: United States-Virginia-Glen Allen-Richmond-North Shore I (12045)
Other Locations: United States-Virginia-Richmond
Job Number: 765249
Description:

Information Security and Risk Management is seeking an experienced, highly motivated risk and security manager. The ideal candidate will have strong strategic and integrative thinking skills as well as good organizational and communication skills to work with diverse business areas in the risk management and Information Security space. This role involves both managing various aspects of risk and compliance management as well as an understanding and application of Information Security requirements for LOB initiatives by identifying, developing, leading and implementing corrective actions where needed. This includes enhancing and implementing consistent frameworks, performing risk assessments and managing applications and customer expectations for delivery of products. It will be crucial for the candidate to apply business, technical and industry knowledge to assess business risk, identify key controls, and perform risk-based testing of IT application controls. Position will be filled in Richmond supporting the Commercial Bank.

Information Security Consultant Responsibilities:
- Serve as key point of contact for department on matters involving Information Security Services/processes and work with business partners to improve understanding of key Information Security processes
- Ensure understanding of key department initiatives/projects and ensure Information Security requirements have been delivered/reviewed for the entire portfolio
- Demonstrate ability to understand project technical requirements and provide mitigating controls to ensure adherence with Information Security policies and standards
- Ensure the appropriate Information Security resources are identified and aligned with department initiatives and ensure resource issues are escalated appropriately
- Perform post validation of department projects and ensure that Information Security requirements have been met and gaps are identified and remediated

Risk Management Responsibilities:
- SOX Control - ensure appropriate controls are in place, test steps are accurate and narrative documentation is current; during tests provide oversight with designees and accountable executives
- Provide strategic insight towards developing and evolving the Risk and Controls function. Lead teams to enhance performance and achieve targets
- Risk Management - Accountable for the day-to-day implementation of risk management activities to ensure the delivery of quality and cost-efficient services to customers; develop appropriate mitigation activities with SMEs; manage updates/implementation; recommend course of action to VP; annual risk review; risk trending exercises
- Control Management - support quarterly testing within the division, including updates to divisional controls and processes and Standard controls owned as a direct result of policy ownership
- Audit Management - Facilitate audits working with Corporate Audit Services and the Auditee Leadership teams
- Audit Management - Prepare for, coordinate, and respond to internal and external audits including Quarterly OCC updates for division
- Ensure that IT Division supported is compliant with all Enterprise Policies and Standards
- Implement new compliance or risk initiatives sponsored at a corporate or division level
- Create and disseminate reporting and metrics related to the risk environment
- Identify and resolve problems resulting in a regulatory violation, audit finding, ineffective controls

Qualifications:

Basic Qualifications:
- High School Diploma, GED or Equivalent Certification, or Military experience
- At least 4 years experience in Risk Management
- 3 years experience in SOX testing

Preferred Qualifications:
- College Degree in Information Technology
- Working knowledge of IT operations (Network ops, Hosting, Storage, etc.)
- Hands-on experience with at least one of the following aspects of Information Security - application security, network security, identity and access management, third party security, etc. - or enterprise architecture experience
- 3 years experience in SOX testing
- Ability to present to senior leaders and influence individuals and project teams
- 2 years experience in Audit support or management
- CISSP, CRISC, CRCM, CAMS, CISA, or CIPP Risk Management Certification
- Application Security or vulnerability management experience
- 2 years experience in Project management

At this time, Capital One will not sponsor a new applicant for employment authorization for this position. No agencies please. Capital One is an equal opportunity employer committed to diversity in the workplace. Capital One promotes a drug-free workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, protected veteran status, or disability status. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; Newark, New Jersey Ordinance 12-1630; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.
Job: Information Technology

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.