Please login/register to apply for this job.
6 May 2022

Full-Time R136869 Senior Manager, Technology Risk Controls Program

Capital One – Posted by Dutton New York, New York, United States

Job Description

As a Senior Manager in the Technology Risk Controls Program in Capital One’s Enterprise Services Risk team you will be responsible for working with technology, cyber, and other teams in both the first and second lines of defense to identify and consult on potential risks to Capital One, applying your risk or process management and analytical skills to help Enterprise Services continue to drive well-managed risk activities. If you are curious and eager to learn new things, love problem solving, have a deep reverence for risk and process management and love to have fun at work, this may be the role for you!

Risk Management Senior Managers at Capital One are highly motivated risk and process management professionals with excellent analytical, organizational, and communication skills. These skills allow the Senior Manager to gain insights, and act as a change agent to influence their business partners. As Capital One evolves to meet the ever-changing technology landscape, so do our risk managers. A successful risk and process manager operates from a foundation of knowledge about the Line of Business with whom they are working, laws, regulations, processes and associated controls, and good risk management practices. They are forward thinking, quick to adapt, and technologically adept.

Senior Managers have a high level of exposure across lines of business and have the opportunity to work with executives to create and implement innovative solutions to appropriately manage risks within Enterprise Services.

The ideal candidate will be a highly-motivated risk or process management professional with excellent process improvement and communication skills. The candidate will be detail-oriented and results focused, and will have a proven record of problem solving and collaborating with others, including direct and indirect leadership positions.



  • Support a blended team of internal and external risk professionals as they perform IT General Controls testing across a broad range of technology functions, including:

    • Software Development Life Cycle (SDLC)

    • IT Asset Management

    • Network & Perimeter Security

    • Cloud & Infrastructure Security

    • Vulnerability Management

    • Cyber & Information Security

  • Testing responsibilities may include: developing test strategies and test plans, identifying and documenting control findings/issues, recommending enhancements to controls, and consistently and proactively updating senior leadership on testing impediments

  • Analyze control testing results identified by testing teams, ensuring testing documentation is sufficient to support control conclusions, meets enterprise testing standards, and is recorded properly in the team’s testing repository.

  • Evaluate control deficiencies by performing root cause analysis, develop short- and long-term remediation plans, and provide guidance to control owners on best practices to ensure remediation implementation mitigates the risks identified in testing.

  • Participate in Technology Control test planning exercises, in order to align testing commitments with staffing availability, team skills, development opportunities, and in line with regulatory commitments on timing and quality.

  • Respond to inquiries from 2nd Line of Defense and Internal Audit on methodology, approach, and conclusions reached during testing in a manner that is defensible, credible, and consistent with industry standards and regulatory expectations.

  • Helps to enhance technology and cybersecurity risk identification and assessment processes across Capital One by providing thought leadership, oversight, and coordination with other risk management activities across the company.

  • Supports development of content in response to Internal Audit and Regulatory agencies related to controls testing results, trends, and thematic analysis.

  • Analyzes testing information to proactively identify risks, trends, and process improvements; supports reporting on risk topics to management

  • Assists and drives project and program delivery, including project and process management, reporting, facilitation of senior leadership meetings, drafting and reviewing materials for senior management and the Board of directors, and other governance activities.

Basic Qualifications:

  • Bachelor’s Degree or Military experience

  • At least 7 years of risk management, compliance, regulatory, audit, or legal experience

  • At least 5 years of process or project management experience

  • At least 5 years of information technology or cybersecurity experience

  • At least 5 years of experience in controls development, controls management, and reporting activities

  • Related professional certifications including Certified in Risk & Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP)

Preferred Qualifications:

  • 7 + years or more of experience information technology or cybersecurity

  • 5 + years or more of experience in responding to and interacting with internal audit and/or regulatory agencies

  • 2 + years or more of People leadership experience


At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

How to Apply

Please apply using this link!

Job Categories: LGBT. Job Types: Full-Time. Job Tags: #risk; #enterpriserisk; #capitalone; #NY; #Richmond; #Mclean. Salaries: Not Disclosed.

Job expires in 27 days.

32 total views, 1 today

Apply for this Job