Global Payments Network Tech Risk Advisor

About The Position

Requirements

• Bachelor’s degree or military experience
• At least 5 years of experience managing, consulting, or auditing
• At least 5 years of experience working in the fields of cybersecurity, technology, or risk management
• At least 5 years of experience with cybersecurity or technology risk assessments
• Professional Security Certification or Professional Risk Management Certification (Certified Information Systems Security Professional (CISSP), or Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC), or Open FAIR Certified)

Nice To Haves

• Master’s degree
• Prior experience working directly within or extensively collaborating with the technology and/or operations teams of a major global payment network (e.g., Visa, Mastercard, American Express), understanding their unique operational models and resilience challenges.
• At least 5 years of experience in a second-line or oversight role at a financial institution or regulatory agency
• Knowledge of, or experience working with agile methodology and tools (Jira or Confluence)
• Knowledge of National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)

Responsibilities

• Advisory/Team Responsibilities Be a trusted advisor and subject matter expert in your assigned Lines of Business Guide/drive effective and relevant risk conversations with Line of Business leadership and their teams to enable meaningful insights into key technology and cybersecurity risks (e.g., aligning to or providing insights in support of strategic priorities or objectives for the business, increasing risk accountability and visibility)
• Communicate in a compelling manner, with a strong point of view, to any audience, including internal and external stakeholders Strong knowledge and proficiency in risk management skills (i.e., risk analysis and assessment, risk management, risk communication, risk quantification, threat modeling, and technical writing)
• Navigate regulatory and compliance requirements as an approachable and effective partner to develop solutions in response to Line of Business focus areas Collaborate effectively and build trusted relationships with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives.
• Coordinate project-related activities and deliverables to ensure effective collaboration, teamwork, and influence with and beyond the immediate team and across stakeholder groups.
• Operate a continuous improvement approach by reviewing and challenging the design and operation of processes Support assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed.
• Core Risk Assessment Responsibilities Perform the review and effective challenge of technology and cybersecurity risks through business-driven assessment activities (e.g., risk and control self assessment (RCSA) activities, scenario analysis, new products and services, etc.), to include providing expertise and advice on risk themes and mitigation strategies
• Monitor, report, and escalate metric performance, identify changes or trends in the risk profile, and brief senior management Perform the review and effective challenge of Capital One’s enterprise cybersecurity capability maturity assessments through first-line assessment activities (i.e., NIST CSF assessments)
• Connect the dots across assessments to inform decision-making and strategic investments.

Benefits

• Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website.