Sr. Director, Information Security Officer
Company: Capital One
Location: Charlottesville
Posted on: November 12, 2024
Job Description:
Center 1 (19052), United States of America, McLean, Virginia
Sr. Director, Information Security Officer

Cybersecurity is essential to what we do at Capital One, from protecting our customers to our associates. As part of the Information Security Office, you are passionate about security and risk management. You see security as an enabler and differentiator to enable the business through innovation, not a step in the compliance process. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope.

As Senior Director, Information Security Officer, you will work with the business and technology partners to achieve goals and objectives in a secure manner with a heavy forward lean on modern software and technology architectures. At Capital One, you will help advise on strategic initiatives, programs, and projects to create business value in a risk-based and agile manner.
- You will lead a team of talented and experienced Information Security professionals delivering product security advisory services to a line of business portfolio.
- You are pragmatic and practical in your understanding of security and associated risks, but also willing to know when to collaborate with experts and escalate as required.
- You believe in making the secure way easy and see yourself as an advocate in the value of data driven business decisions and products.
- You are comfortable with modern software, big data ecosystems, and cloud based technologies as well as associated protective methods.

Responsibilities:
- Be a leader at a premier technology and financial services
company
- Lead a team of Product Security advisory professionals,
responsible for Divisional cyber strategy integration and
execution, identification and management of risk for top business
initiatives and technology platforms, threat and vulnerability
management, incident management, supply chain cyber risk
management, cyber risk oversight and reporting.
- Deliver Cyber agenda and integration of Information Security
within business objectives for line of business area
- Serve as the central point of contact for your line of business
technology executives into Capital One's Cyber risk management
priorities
- Educate and influence executive leadership and associates to
effectively leverage security capabilities and solutions to
mitigate risks and emerging threats
- Provide security expertise on prioritizing and managing
information security risks and initiatives
- Escalate and manage cyber security risk
- Provide regular updates to executive leadership with your line
of business on the overall information security health and risk
environment
- Work with business leadership to anticipate their objectives
and needs to better serve them
- Be an advocate for security and an advocate for the business
and digital innovation.
- Instills a culture that works toward the
highest standards in cyber (safeguard the business) while ensuring
that business requirements are understood and adhered to (enabling
the business).
- Plays a key leadership role within Cyber's community of
leaders, drives innovation activity as an outcome; partner
extensively with other Cyber and Technology organizations to derive
solutions enabling industry leading products
- Build relationships and influence with risk management
functions across lines of defense
- Become knowledgeable and advise on Capital One's Cyber's
services, policies, procedures and standards
- Staying current on the changing regulatory environment and
understanding the impacts to the organization
- Recruits, develops, and retains top talent, and uses excellent
people leadership skills.
- Build your team to provide top-notch information security and
risk management expertise and guidance

About You:
- You are a demonstrated leader with team-oriented interpersonal
skills and the ability to interface effectively with a broad range
of people and roles, including business executives, technology
leaders, and enterprise suppliers
- You are a focused individual who thrives in a fast-paced,
dynamic, and collaborative team environment.
- You have a deep passion for securing forward leaning, modern
computing platforms
- You are comfortable with technologies and innovation including,
Generative AI, Data Lakes, Cloud Services, Containers,
Microservices, Serverless, APIs, DevOps, Encryption and Zero
Trust
- You have a strong desire to continually learn about new
technologies
- You enjoy leveraging your engineering experience to problem
solve and continually learn new technology concepts to solve
issues.
- You display strong judgment, data/risk based decisioning,
leadership, integrity, and communication skills.
- You are able to tailor communications and analysis to the
intended audience.
- You have a passion and expertise in cybersecurity, with an
ability to be confident, respectful, and articulate when
registering dissenting or unpopular opinions.
- You maintain calmness and clarity of thought under pressure and
ability to maintain confidentiality
- You are able to work well under minimal supervision
- You have a deep understanding of strategic business objectives
and the ability to drive results toward those objectives
- You have the ability to describe the risks of a security
exposure or vulnerability in business-impact terms

Basic Qualifications:
- Bachelor's degree
- At least 9 years of experience in Information Security
- At least 7 years of experience in people management
- At least 5 years of experience with cyber policies, standards,
and procedures
- At least 5 years of experience in securing public cloud
environments and services (AWS, GCP, Azure)

Preferred Qualifications:
- Master's degree or PhD in Computer Science, Information Systems,
or Engineering
- 10+ years experience in technology and cybersecurity risk
- 8+ years experience in leading applications security,
vulnerability management and incident response
- 8+ years experience performing security risk assessments
- 5+ years experience working with industry frameworks and
compliance requirements (NIST CSF, FFIEC CAT, CIS RAM, FAIR, PCI
DSS)
- 3+ years experience with information technology audit or
compliance management
- 2+ years experience utilizing agile methodologies within DevOps
environments
- Industry-recognized professional certifications such as
Certified Information Systems Security Professional (CISSP),
Certified Cloud Security Professional (CCSP), AWS Certified
Solutions Architect, Certified Information Security Manager
(CISM)
- 4+ years experience in a regulated environment
- 2+ years experience in financial services industry

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the -. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

This role is expected to accept applications for a minimum of 5 business days.

No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital One's recruiting process, please send an email to

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
Keywords: Capital One, Washington DC, Sr. Director, Information Security Officer, Executive, Charlottesville, DC