Center 1 (19052), United States of America, McLean, Virginia
Director, Product Security - Information Security Office
At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security and Risk Management. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. As part of the Information Security Office and Product Security team, you will lead the Integration capability team responsible for the governance, oversight and operational excellence functions, enabling the teams to effectively and consistently deliver ISO and Product Security services to their customers.
You understand the needs of the unique teams and ensure that they have the tools and structure needed to operate without roadblocks, support their customers, and meet regulatory reporting requirements. You collaborate and liaise on behalf of the Information Security Office with the Cyber Department to allow the Department and Capital One to innovate and push the envelope.
Responsibilities:
Act as a central point of contact for your capability to the rest of Capital One's Information Security and Risk Management.Lead the Integration team and coordinate proactive operational support to the Product Security capability teams, including Assurance, Advisory, Risk Operations.Influence Information Security Office and Product Security capability teams to leverage best practices and standards, ensure governance and oversight of ISO services.Lead Quality assurance of ISO services, proactively identify gaps and drive remediation to improve service quality and audit preparedness.Lead Product Security governance and leadership forums and drive meeting agendas and presentations.Be a champion for the adoption of Agile principles within Product Security.Provide ad hoc support on special Information Security Office/Product Security hot topics.Provide regular updates, draft ISO-wide and executive leadership level memos and communications on the overall Product Security health and risk environment.Work with divisional Information Security Office teams leadership to anticipate their objectives and needs to better serve Product Security services.Participate in functional communities of practice to ensure consistency across Information Security Office teams.Provide support on agenda and materials development and execution of Product Security PI planning, meetings and events.Be knowledgeable about Capital One's Information Security offerings, policies, procedures and standards.About You:
You have a desire to work in a very fast moving, forward leaning, and modern computing environment.You have a deep passion for Securing modern computing platforms.You have a strong desire to continually learn about new technologies.You possess strong conceptual thinking and communication skills.You are able to work well under minimal supervision.You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors.You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality.You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives.Basic Qualifications:
Bachelor's Degree.At least 7 years of experience in cybersecurity or information technology.At least 7 years of experience in security governance or risk management.At least 5 years of experience in people management.Preferred Qualifications:
Master's Degree in Computer Science, Information Systems, or Engineering.10+ years of experience in Cybersecurity or Technology risk strategy and governance.5+ years experience with public cloud (AWS, GCP, Azure).5+ years experience utilizing Agile methodologies.4+ years experience with knowledge management tools (Confluence, JIRA).3+ years of financial services industry experience.Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA).3+ years experience in a regulated environment.At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
This role is expected to accept applications for a minimum of 5 business days. No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law.
For technical support or questions about Capital One's recruiting process, please send an email to ...@capitalone.com.
#J-18808-Ljbffr