Senior Manager, Risk Management - Policy Analyst

Senior Manager, Risk Management - Policy Analyst Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, software quality, and data management. Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 professionals in TDRM are trusted experts who oversee ~14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk, and data management risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. For years, the cybersecurity community has debated whether the CISO should report to the CIO or not. In regulated financial services, the answer is: both. The first-line CISO has operational responsibilities and reports to the CIO. The second-line Chief Tech Risk Officer (CTRO) and the Tech & Data Risk Management (TDRM) organization have broader responsibilities for cybersecurity but also reliability, software quality, resilience, and the risk of failing to manage our data. The CTRO is independent and oversees the work of the CISO, the CIO/CTO, and the Chief Data Officer. The CTRO reports to the Chief Risk Officer, who reports directly to the CEO. Our business leaders must make technology decisions constantly. TDRM makes sure they have the tech and data risk information they need to make good decisions. Associates within TDRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, data analyst, data scientist, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. The Senior Manager for data policy will play a critical role in shaping and managing the organization’s data risk management policies. The lead will engage stakeholders across the organization to ensure our policies align to best practices, have measurable and achievable requirements, and reflect how the organization manages data risk. The senior manager will apply their knowledge of data risk and policy governance to manage policies and provide guidance on adherence. The senior manager will partner closely with associates and executives within the first and second lines of defense such as the Technology and Cyber organizations, Enterprise Data, Divisional Data Risk Officers, Operational Risk Management, and others. The ideal candidate: Has a strong foundation in data risk management and policy development Demonstrates keen judgment along with strategic and tactical leadership skills Is an excellent communicator, particularly written communication (memos & slide decks) Brings extreme attention to detail, sense of accountability, and ability to follow through on time-sensitive deliverables to own their full portfolio of work Is adept at managing stakeholder engagements and building relationships across all levels of the organization and across lines of defense Sets direction, manages expectations, and indirectly leads cross-functional teams.