Senior Manager, Risk Management - Regulatory Engagement Lead

Senior Manager, Risk Management - Regulatory Engagement Lead Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, software quality, and data management. Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 professionals in TDRM are trusted experts who oversee ~14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk, and data management risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. For years, the cybersecurity community has debated whether the CISO should report to the CIO or not. In regulated financial services, the answer is: both. The first-line CISO has operational responsibilities and reports to the CIO. The second-line Chief Tech Risk Officer (CTRO) and the Tech & Data Risk Management (TDRM) organization have broader responsibilities for cybersecurity but also reliability, software quality, resilience, and the risk of failing to manage our data. The CTRO is independent and oversees the work of the CISO, the CIO/CTO, and the Chief Data Officer. The CTRO reports to the Chief Risk Officer, who reports directly to the CEO. Our business leaders must make technology decisions constantly. TDRM makes sure they have the tech and data risk information they need to make good decisions. Associates within TDRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, data analyst, data scientist, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. The Regulatory Engagement Lead will play a critical role in supporting the organization throughout the lifecycle of audits and regulatory exams and engagements. The lead will oversee the internal execution of examination activities, including developing materials for, and responses to, all audit and regulatory engagements and monitoring corrective actions and ensuring they are on track for appropriate and timely mitigation. The lead will apply their knowledge of rules and regulations in the technology, information security, and data domains to identify potential areas of risk . The lead will partner closely with associates and executives within the first and second lines of defense such as the Technology and Cyber organizations, Regulatory Relations, Operational Risk Management, and others. The ideal candidate: Has a strong foundation in risk management and understands risk frameworks, particularly as it relates to financial services Demonstrates keen judgment along with strategic and tactical leadership skills Is an excellent communicator, particularly written communication (memos & slide decks) Brings extreme attention to detail, sense of accountability, and ability to follow through on time-sensitive deliverables to your full portfolio of work Is adept at managing stakeholder engagements and building relationships across all levels of the organization and across lines of defense Stays current on the changing domestic and international regulatory environment and understands the impacts to Tech and Data Risk Management; Analyzes information to proactively identify risks, trends, and process improvements; including reporting on risk topics to management; Sets direction, manages expectations, and indirectly leads cross-functional teams.