Global Payments Network Risk Program Manager

Global Payments Network Risk Program Manager Capital One is one of the fastest growing organizations in the world today. The growth of the business is accelerated by leveraging innovative and emerging technologies. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years, fully exiting our data centers. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity and managing technology risk. Technology and Data Risk Management (TDRM) are trusted expert advisers who shape decisions, challenge activities to ensure they meet our standards, and generally oversee technology, data and information security risk across the business and the central technology organization. TDRM is a second line organization, which means it is independent and reports up through the Chief Enterprise Risk Officer. TDRM plays a critical role in ensuring that the company’s risk-taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions on the company at an enterprise level, and opportunities to reduce, mitigate or avoid the risks altogether. As a Manager, Risk Program Management on TDRM’s GPN advisory and oversight team, you will coordinate execution and create visibility for the team’s work drive execution, governance, and transparency across a complex portfolio of technology and cyber risk initiatives. Responsibilities include enabling actionable status reporting and tracking, driving capacity planning, and championing better agile use across the team establishing scalable program structures that enable effective oversight of risk assessments, remediation tracking, and portfolio health reporting This role will be responsible for developing tools/templates to help the team be more efficient in projecting and tracking their work, designing and maintaining portfolio governance tools, metrics, and operating mechanisms that strengthen risk visibility and forecasting accuracy, and leading the team to further levels of agile maturity within a second-line risk environment. As a member of a growing organization, you are expected to shape and further refine the GPN risk oversight team, and will have the opportunity to operate with both autonomy and empowerment from senior leadership. The demands and high-visibility nature of this position require an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Desired Outcomes: Building relationships, collaborating, and communicating directly with practice leads and senior leaders to manage the intake, prioritization and strategic alignment of technology and data risk initiatives Designing, developing, and managing risk portfolio governance processes, including capacity & demand views within a complex and dynamic environment to improve coverage transparency, dependency management, and risk prioritization Partnering with agile teams to integrate risk oversight, assessment timing, and remediation tracking into sprint planning and quarterly delivery cycles Partnering cross-functionally with team members and stakeholders to understand pain points and implement tailored process improvement solutions that address those pain points Implementing, maintaining and providing key metrics that further inform the health of the portfolio and leadership decision making, including as the team’s champion for OKRs (Objectives and Key Results) Streamline reporting against team objectives and KPIs (Key Performance Indicators) in monthly reports to senior leadership Build and champion well-managed agile delivery practices that enable seamless flow of second-line risk advisory and assessment activities aligned to first-line technology delivery timelines Partner with team members to ensure appropriate escalation when things are past due or there are obstacles, providing an early warning when things are off track Establish a mechanism for operational continuous improvement (e.g., lessons learned) Execute annual risk coverage planning aligned to enterprise risk priorities, regulatory expectations, and emerging technology risk themes Lead a quarterly review of changes in risk factors that will drive prioritization decisions for the team A successful candidate will have: Deep focus on execution, follow-through, accountability, and measurable risk outcomes Strong communication to stakeholders at all levels across the company to enable transparency and timely information sharing Proven critical thinking skills, including and the ability to express a point of view supported by data Comfort raising concerns early and knows when to escalate, including the ability to raise issues and facilitate constructive problem solving at all levels of the organization Ability to collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus, socialize strategy, and achieve objectives Personal resilience - the ability to stay optimistic and keep people focused during times of change Willingness to learn and an intellectual curiosity to better understand technology risk management processes to identify areas for improvement Experience designing governance structures and operating models that tailor agile delivery methodologies to risk oversight and second-line advisory environments Adept at providing structure and organization in a complex environment