Database Administrator 2 Business Affairs: University IT (UIT), Redwood City, California, United States New Information Technology Services 1 day ago Post Date 108019 Requisition # Employer: The Leland Stanford Jr University Position Title: Database Administrator 2 Position Description : Design, implement, and support hybrid and cloud-based middleware and database infrastructure for secure, scalable, and highly available enterprise applications. Manage on-premises and cloud environments (AWS/Oracle Cloud), focusing on middleware platforms such as WebLogic, Apache/Tomcat, Oracle Fusion Middleware, and SOA Suite. Lead modernization of legacy applications by migrating to AWS EC2/ECS environments using containerization technologies like Docker and Kubernetes. Support the transition to cloud-native platforms, enhancing system agility and maintainability. Administer and optimize relational and NoSQL databases (Oracle, PostgreSQL, MongoDB), covering performance tuning, schema design, backup/recovery, and security hardening. Ensure compliance with institutional data governance and security requirements. Develop and maintain CI/CD pipelines using tools such as Jenkins and GitLab. Automate application deployment, monitoring, and patch management workflows using scripting languages like Python and Shell to improve reliability and reduce manual effort. Provide 24/7 production support for mission-critical systems, including troubleshooting JVM and OS-level issues, root cause analysis, and maintaining SLAs for uptime and performance. Design and enforce disaster recovery strategies and failover mechanisms. Collaborate with cross-functional teams (developers, researchers, DevOps engineers) to implement scalable, secure solutions aligned with academic and operational goals. Hybrid - two days a week in office. May telecommute within area of intended employment at employer's discretion. Requirements : Bachelor's degree in Computer Science Engineering or related field and 8 years of experience as application administrator, database administrator or related occupation in application & database administration, or Masters degree in Computer Science Engineering or related field and 6 years of experience. Must possess eight years' experience with a Bachelor's or six years' experience with a Master's in each of the following: Deploy and support middleware stacks (WebLogic, Apache, Oracle SOA Suite) in AWS and Oracle Cloud environments with a focus on availability, security, and scalability. Migrate legacy systems to cloud-native containers using Docker, Kubernetes, and modern orchestration tools. Design and maintain AWS, Terraform, and CI/CD pipelines (Jenkins, GitLab) to streamline deployments, monitoring, and patching processes. Manage Oracle, PostgreSQL, and MongoDB databases with experience in tuning, backups, schema changes, and security hardening. Build Python and Shell scripts to automate routine operations, deployment tasks, and system monitoring. Analyze system and application performance; implement fixes to reduce latency and improve throughput. Remediate vulnerabilities and enforce secure configurations across applications, middleware, and databases. Must possess experience providing 24/7 support for mission-critical apps, diagnose infrastructure issues, and maintaining high availability and performance SLAs. The expected pay for this position is $140,600-$174,923 per annum. Stanford University provides pay ranges representing its good faith estimate of the salary or hourly wage the university reasonably expects to pay for a position upon hire. The pay offered to a selected candidate will be determined based on factors such as (but not limited to) the scope and responsibilities of the position, the qualifications of the selected candidate, departmental budget availability, internal equity, geographic location and external market pay for comparable jobs. At Stanford University, base pay represents only one aspect of the comprehensive rewards package. The Cardinal at Work website ( ) provides detailed information on Stanford's extensive range of benefits and rewards offered to employees. Specifics about the rewards package for this position may be discussed during the hiring process. Location of Position: 505 Broadway, Redwood City, CA 94063. Hybrid- two days a week in office. May telecommute within area of intended employment at employer's discretion. Send CV to . Use reference job code Req Additional Information Schedule: Full-time Job Code: 4762 Employee Status: Regular Grade: K Requisition ID: 108019 Work Arrangement : Hybrid Eligible
01/15/2026
Full time
Database Administrator 2 Business Affairs: University IT (UIT), Redwood City, California, United States New Information Technology Services 1 day ago Post Date 108019 Requisition # Employer: The Leland Stanford Jr University Position Title: Database Administrator 2 Position Description : Design, implement, and support hybrid and cloud-based middleware and database infrastructure for secure, scalable, and highly available enterprise applications. Manage on-premises and cloud environments (AWS/Oracle Cloud), focusing on middleware platforms such as WebLogic, Apache/Tomcat, Oracle Fusion Middleware, and SOA Suite. Lead modernization of legacy applications by migrating to AWS EC2/ECS environments using containerization technologies like Docker and Kubernetes. Support the transition to cloud-native platforms, enhancing system agility and maintainability. Administer and optimize relational and NoSQL databases (Oracle, PostgreSQL, MongoDB), covering performance tuning, schema design, backup/recovery, and security hardening. Ensure compliance with institutional data governance and security requirements. Develop and maintain CI/CD pipelines using tools such as Jenkins and GitLab. Automate application deployment, monitoring, and patch management workflows using scripting languages like Python and Shell to improve reliability and reduce manual effort. Provide 24/7 production support for mission-critical systems, including troubleshooting JVM and OS-level issues, root cause analysis, and maintaining SLAs for uptime and performance. Design and enforce disaster recovery strategies and failover mechanisms. Collaborate with cross-functional teams (developers, researchers, DevOps engineers) to implement scalable, secure solutions aligned with academic and operational goals. Hybrid - two days a week in office. May telecommute within area of intended employment at employer's discretion. Requirements : Bachelor's degree in Computer Science Engineering or related field and 8 years of experience as application administrator, database administrator or related occupation in application & database administration, or Masters degree in Computer Science Engineering or related field and 6 years of experience. Must possess eight years' experience with a Bachelor's or six years' experience with a Master's in each of the following: Deploy and support middleware stacks (WebLogic, Apache, Oracle SOA Suite) in AWS and Oracle Cloud environments with a focus on availability, security, and scalability. Migrate legacy systems to cloud-native containers using Docker, Kubernetes, and modern orchestration tools. Design and maintain AWS, Terraform, and CI/CD pipelines (Jenkins, GitLab) to streamline deployments, monitoring, and patching processes. Manage Oracle, PostgreSQL, and MongoDB databases with experience in tuning, backups, schema changes, and security hardening. Build Python and Shell scripts to automate routine operations, deployment tasks, and system monitoring. Analyze system and application performance; implement fixes to reduce latency and improve throughput. Remediate vulnerabilities and enforce secure configurations across applications, middleware, and databases. Must possess experience providing 24/7 support for mission-critical apps, diagnose infrastructure issues, and maintaining high availability and performance SLAs. The expected pay for this position is $140,600-$174,923 per annum. Stanford University provides pay ranges representing its good faith estimate of the salary or hourly wage the university reasonably expects to pay for a position upon hire. The pay offered to a selected candidate will be determined based on factors such as (but not limited to) the scope and responsibilities of the position, the qualifications of the selected candidate, departmental budget availability, internal equity, geographic location and external market pay for comparable jobs. At Stanford University, base pay represents only one aspect of the comprehensive rewards package. The Cardinal at Work website ( ) provides detailed information on Stanford's extensive range of benefits and rewards offered to employees. Specifics about the rewards package for this position may be discussed during the hiring process. Location of Position: 505 Broadway, Redwood City, CA 94063. Hybrid- two days a week in office. May telecommute within area of intended employment at employer's discretion. Send CV to . Use reference job code Req Additional Information Schedule: Full-time Job Code: 4762 Employee Status: Regular Grade: K Requisition ID: 108019 Work Arrangement : Hybrid Eligible
Professional Technology Integration, Inc.
Hartford, Connecticut
Position: Full Stack .NET Developer (Ref: 18040) Location: Hartford, CT United States, 06103 Salary: DOE Duration: 1 Years 5 Months 15 Days - Contract Openings: 2 Deadline: 01/23/2026 Description: Local Candidates Hybrid onsite 2 days/eek We are seeking a .NET Developer who will implement and maintain server side and UI components as part of a legacy-to-modernization effort. The project targets .NET Framework 4.8 and uses Visual Studio 2022 for development. This role focuses on full stack application development (server and UI), database integration, ETL/SSIS collaboration, performance and security hardening, and CI/CD support within an Agile Scrum team. Integrations are implemented via direct database access, SSIS/ETL, file interfaces, and scheduled jobs. Key Deliverables Implemented user stories with server and UI components. Technical design documents, UI mapping, and runbooks for operational support. Database schema updates, stored procedures, and performance tuning changes. SSIS/ETL coordination artifacts and integration test results. Unit/integration test artifacts and CI pipeline results in Azure DevOps. Deployment artifacts, pipeline definitions, and rollback/runbook documentation. Status reports, defect logs, and knowledge transfer materials. Requirements Analysis & Documentation Collaborate with product owners, business stakeholders, and architects to elicit, analyze, and document technical and functional requirements. Translate business requirements into developer tasks, acceptance criteria, and Azure DevOps work items. Produce and maintain technical design notes, screen/interface mappings, and operational runbooks. Application Development & Implementation Design, implement, and refactor serverside components using C# and ASP.NET MVC targeting .NET Framework 4.8. Build and maintain Razor views and client behaviors using HTML5, CSS3, JavaScript, jQuery, and Bootstrap. Implement business logic, background jobs, scheduled tasks (Windows services / Task Scheduler), and server-side processing without introducing API layers. Use Entity Framework or (link removed) and stored procedures for direct database access and transactional logic. Participate in code reviews and enforce coding standards, security, and maintainability best practices. Database, Integration & ETL Collaboration Work with Azure SQL / SQL Server schema, stored procedures, indexing and performance tuning. Collaborate with data engineers on SSIS packages, ETL processes, and file-based interfaces; validate integration points and data flows. Implement data access patterns that support migration validation and referential integrity checks. Quality, Performance & Security Profile and resolve performance issues; implement caching, batching, and asynchronous processing where appropriate. Apply secure coding practices; implement authentication/authorization used by the project (Windows auth, Forms auth, or Azure AD as applicable). Assist with operational support: logging, monitoring, diagnostics and incident response runbooks. DevOps & Release Management Contribute to CI/CD pipeline definitions and maintenance in Azure DevOps (builds, tests, packaging, deployments). Produce deployment artifacts and support automated deployments to test, staging, and production environments. Maintain deployment documentation and rollback plans. Agile/Scrum Collaboration Participate in all Scrum ceremonies (daily standups, sprint planning, reviews, retrospectives). Collaborate closely with QA, data migration specialists, and business SMEs to deliver sprint goals. Technical Skills & Qualifications Strong professional experience with C# and .NET Framework 4.8 (ASP.NET MVC, Razor views). Experience with Entity Framework and/or (link removed), T-SQL, stored procedures, and query performance tuning on SQL Server / Azure SQL. Proficiency with front-end technologies used by the project: HTML5, CSS3, JavaScript, jQuery, Bootstrap. Practical experience with Azure DevOps: Git source control, build/release pipelines, work item and test management. Familiarity with Visual Studio 2022 for day-to-day development and debugging. Strong troubleshooting skills and experience resolving production defects and performance issues. Experience with unit and integration testing frameworks and test automation. Handson experience with SSIS or similar ETL tooling and coordinating application-side integration with ETL processes. Prior experience modernizing legacy .NET Framework applications in public-sector or enterprise contexts. Familiarity with Windows services, scheduled tasks, or job schedulers used to run background processing. Experience with application logging/telemetry and operational runbooks. Knowledge of security/access controls for enterprise applications and data handling best practices. Exposure to accessibility (WCAG) and cross-browser compatibility testing. Required / Desired Skills AGILE - Agile Development Methodology Required - 4 Years Microsoft .NET Framework Required - 4 Years HTML Required - 4 Years JavaScript Required - 4 Years SQL Required - 4 Years
01/15/2026
Position: Full Stack .NET Developer (Ref: 18040) Location: Hartford, CT United States, 06103 Salary: DOE Duration: 1 Years 5 Months 15 Days - Contract Openings: 2 Deadline: 01/23/2026 Description: Local Candidates Hybrid onsite 2 days/eek We are seeking a .NET Developer who will implement and maintain server side and UI components as part of a legacy-to-modernization effort. The project targets .NET Framework 4.8 and uses Visual Studio 2022 for development. This role focuses on full stack application development (server and UI), database integration, ETL/SSIS collaboration, performance and security hardening, and CI/CD support within an Agile Scrum team. Integrations are implemented via direct database access, SSIS/ETL, file interfaces, and scheduled jobs. Key Deliverables Implemented user stories with server and UI components. Technical design documents, UI mapping, and runbooks for operational support. Database schema updates, stored procedures, and performance tuning changes. SSIS/ETL coordination artifacts and integration test results. Unit/integration test artifacts and CI pipeline results in Azure DevOps. Deployment artifacts, pipeline definitions, and rollback/runbook documentation. Status reports, defect logs, and knowledge transfer materials. Requirements Analysis & Documentation Collaborate with product owners, business stakeholders, and architects to elicit, analyze, and document technical and functional requirements. Translate business requirements into developer tasks, acceptance criteria, and Azure DevOps work items. Produce and maintain technical design notes, screen/interface mappings, and operational runbooks. Application Development & Implementation Design, implement, and refactor serverside components using C# and ASP.NET MVC targeting .NET Framework 4.8. Build and maintain Razor views and client behaviors using HTML5, CSS3, JavaScript, jQuery, and Bootstrap. Implement business logic, background jobs, scheduled tasks (Windows services / Task Scheduler), and server-side processing without introducing API layers. Use Entity Framework or (link removed) and stored procedures for direct database access and transactional logic. Participate in code reviews and enforce coding standards, security, and maintainability best practices. Database, Integration & ETL Collaboration Work with Azure SQL / SQL Server schema, stored procedures, indexing and performance tuning. Collaborate with data engineers on SSIS packages, ETL processes, and file-based interfaces; validate integration points and data flows. Implement data access patterns that support migration validation and referential integrity checks. Quality, Performance & Security Profile and resolve performance issues; implement caching, batching, and asynchronous processing where appropriate. Apply secure coding practices; implement authentication/authorization used by the project (Windows auth, Forms auth, or Azure AD as applicable). Assist with operational support: logging, monitoring, diagnostics and incident response runbooks. DevOps & Release Management Contribute to CI/CD pipeline definitions and maintenance in Azure DevOps (builds, tests, packaging, deployments). Produce deployment artifacts and support automated deployments to test, staging, and production environments. Maintain deployment documentation and rollback plans. Agile/Scrum Collaboration Participate in all Scrum ceremonies (daily standups, sprint planning, reviews, retrospectives). Collaborate closely with QA, data migration specialists, and business SMEs to deliver sprint goals. Technical Skills & Qualifications Strong professional experience with C# and .NET Framework 4.8 (ASP.NET MVC, Razor views). Experience with Entity Framework and/or (link removed), T-SQL, stored procedures, and query performance tuning on SQL Server / Azure SQL. Proficiency with front-end technologies used by the project: HTML5, CSS3, JavaScript, jQuery, Bootstrap. Practical experience with Azure DevOps: Git source control, build/release pipelines, work item and test management. Familiarity with Visual Studio 2022 for day-to-day development and debugging. Strong troubleshooting skills and experience resolving production defects and performance issues. Experience with unit and integration testing frameworks and test automation. Handson experience with SSIS or similar ETL tooling and coordinating application-side integration with ETL processes. Prior experience modernizing legacy .NET Framework applications in public-sector or enterprise contexts. Familiarity with Windows services, scheduled tasks, or job schedulers used to run background processing. Experience with application logging/telemetry and operational runbooks. Knowledge of security/access controls for enterprise applications and data handling best practices. Exposure to accessibility (WCAG) and cross-browser compatibility testing. Required / Desired Skills AGILE - Agile Development Methodology Required - 4 Years Microsoft .NET Framework Required - 4 Years HTML Required - 4 Years JavaScript Required - 4 Years SQL Required - 4 Years
SENIOR AI DEVOPS SPECIALIST, IS&T Applications Job Description SENIOR AI DEVOPS SPECIALIST, IS&T Applications Category Charles River Campus > Professional Job Location BOSTON, United States Tracking Code Posted Date 7/1/2025 Salary Grade Grade 52 Expected Hiring Range Minimum $130,000.00 Expected Hiring Range Maximum $145,000.00 The salary of the finalist selected for this role will be set based on a variety of factors, including but not limited to departmental budgets, qualifications, experience, education, licenses, specialty, training and internal pay comparison. The above hiring range represents the University's good faith and reasonable estimate of the range of possible compensation at the time of posting. Position Type Full-Time/Regular At Boston University, we are assembling a world-class AI Engineering team to transform operations, drive innovation, and deliver innovative AI applications and agents. This is your chance to work on cutting-edge technologies Agentic AI frameworks, LLMs, RAG, MCP, scalable AI architectures and develop solutions at the forefront of modern artificial intelligence. You will join as the Senior AI DevOps Specialist where you will ensure the scalable deployment, monitoring, and support of AI applications, agents and models, while also contributing to development efforts in collaboration with other full-stack developers. You will focus on managing infrastructure across on-premises, cloud, and hybrid environments, integrating containerization technologies, and supporting advanced AI workflows. This position is primarily remote with periodic in-person meetings on campus as a member of the AI Engineering team, you will handle some of the university's highest priority initiatives. You'll bring your expertise to a vibrant environment that values ingenuity and impact, where your ideas can make a difference on a global scale. Together, we'll deliver AI solutions that not only revolutionize university operations but also become models of innovation for institutions worldwide. Join us to make history, develop transformative technology, and work alongside some of the greatest minds in academia and technology. Be part of the team that will define what's possible in AI for academia and beyond. This position is primarily remote with periodic in-person meetings on campus. You Will: Deployment of AI Applications, Agents & Related Infrastructure Collaborative Development Support AI Model Management & Fine-Tuning Infrastructure Monitoring & Optimization Security, Compliance, & Continuous Improvement Required Skills You Will Have: 8+ years of applicable experience. Degree in Computer Science, Software Engineering, Systems Engineering, or related field. Expertise in containerization (Docker, Kubernetes, AWS ECS) and multi-environment deployment (on-premise, cloud, hybrid). Experience with hosting and fine-tuning LLM/SLM models. Development experience in modern programming languages (e.g., Python, JavaScript, or similar) with familiarity in AI technologies and frameworks (e.g., prompt engineering, RAG, embeddings along with more recent innovations like MCP and A2A). Experience with DevOps practices, scalable architectures, and modern security standards. Boston University offers an excellent benefits package including: Time Off: In addition to PTO and leave policy, BU employees have a paid intersession break and 13 paid holidays. Retirement: University-funded retirement plan with full vesting after 2 years of eligible service. Tuition Assistance Program: Competitive tuition assistance program for yourself and family members. Check out and for more information! Boston University IS&T invests in our staff and their personal and professional growth. We promote staff learning including lunch and learn sessions, an extensive library of online courses, Fun Advisory Board (FAB) arranges a number of events throughout the year and opportunities to engage with peers at NERCOMP and EDUCAUSE events. If you require a reasonable accommodation in order to complete the employment application process, please contact the Equal Opportunity Office at . We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We, at IS&T, appreciate each individual's knowledge, experiences and insights which enhance who we are, and as our DEIA knowledge and practice grows, we will ensure that our Mission, Vision, & Practices remain equitable and welcoming to all. We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, natural or protective hairstyle, religion, sex, age, national origin, physical or mental disability, sexual orientation, gender identity, genetic information, military service, pregnancy or pregnancy-related condition, or because of marital, parental, or veteran status. We are a VEVRAA Federal Contractor. Required Skills Job Location: BOSTON Position Type: Full-Time/Regular Salary Grade: $130,000.00-$145,000.00 To apply, visit Copyright 2025 Inc. All rights reserved. Posted by the FREE value-added recruitment advertising agency jeid-ac4d2f5846f6d0428f
01/14/2026
Full time
SENIOR AI DEVOPS SPECIALIST, IS&T Applications Job Description SENIOR AI DEVOPS SPECIALIST, IS&T Applications Category Charles River Campus > Professional Job Location BOSTON, United States Tracking Code Posted Date 7/1/2025 Salary Grade Grade 52 Expected Hiring Range Minimum $130,000.00 Expected Hiring Range Maximum $145,000.00 The salary of the finalist selected for this role will be set based on a variety of factors, including but not limited to departmental budgets, qualifications, experience, education, licenses, specialty, training and internal pay comparison. The above hiring range represents the University's good faith and reasonable estimate of the range of possible compensation at the time of posting. Position Type Full-Time/Regular At Boston University, we are assembling a world-class AI Engineering team to transform operations, drive innovation, and deliver innovative AI applications and agents. This is your chance to work on cutting-edge technologies Agentic AI frameworks, LLMs, RAG, MCP, scalable AI architectures and develop solutions at the forefront of modern artificial intelligence. You will join as the Senior AI DevOps Specialist where you will ensure the scalable deployment, monitoring, and support of AI applications, agents and models, while also contributing to development efforts in collaboration with other full-stack developers. You will focus on managing infrastructure across on-premises, cloud, and hybrid environments, integrating containerization technologies, and supporting advanced AI workflows. This position is primarily remote with periodic in-person meetings on campus as a member of the AI Engineering team, you will handle some of the university's highest priority initiatives. You'll bring your expertise to a vibrant environment that values ingenuity and impact, where your ideas can make a difference on a global scale. Together, we'll deliver AI solutions that not only revolutionize university operations but also become models of innovation for institutions worldwide. Join us to make history, develop transformative technology, and work alongside some of the greatest minds in academia and technology. Be part of the team that will define what's possible in AI for academia and beyond. This position is primarily remote with periodic in-person meetings on campus. You Will: Deployment of AI Applications, Agents & Related Infrastructure Collaborative Development Support AI Model Management & Fine-Tuning Infrastructure Monitoring & Optimization Security, Compliance, & Continuous Improvement Required Skills You Will Have: 8+ years of applicable experience. Degree in Computer Science, Software Engineering, Systems Engineering, or related field. Expertise in containerization (Docker, Kubernetes, AWS ECS) and multi-environment deployment (on-premise, cloud, hybrid). Experience with hosting and fine-tuning LLM/SLM models. Development experience in modern programming languages (e.g., Python, JavaScript, or similar) with familiarity in AI technologies and frameworks (e.g., prompt engineering, RAG, embeddings along with more recent innovations like MCP and A2A). Experience with DevOps practices, scalable architectures, and modern security standards. Boston University offers an excellent benefits package including: Time Off: In addition to PTO and leave policy, BU employees have a paid intersession break and 13 paid holidays. Retirement: University-funded retirement plan with full vesting after 2 years of eligible service. Tuition Assistance Program: Competitive tuition assistance program for yourself and family members. Check out and for more information! Boston University IS&T invests in our staff and their personal and professional growth. We promote staff learning including lunch and learn sessions, an extensive library of online courses, Fun Advisory Board (FAB) arranges a number of events throughout the year and opportunities to engage with peers at NERCOMP and EDUCAUSE events. If you require a reasonable accommodation in order to complete the employment application process, please contact the Equal Opportunity Office at . We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We, at IS&T, appreciate each individual's knowledge, experiences and insights which enhance who we are, and as our DEIA knowledge and practice grows, we will ensure that our Mission, Vision, & Practices remain equitable and welcoming to all. We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, natural or protective hairstyle, religion, sex, age, national origin, physical or mental disability, sexual orientation, gender identity, genetic information, military service, pregnancy or pregnancy-related condition, or because of marital, parental, or veteran status. We are a VEVRAA Federal Contractor. Required Skills Job Location: BOSTON Position Type: Full-Time/Regular Salary Grade: $130,000.00-$145,000.00 To apply, visit Copyright 2025 Inc. All rights reserved. Posted by the FREE value-added recruitment advertising agency jeid-ac4d2f5846f6d0428f
Posting date: 10/17/2025 Open Until Filled: Yes Position Number: Position Title: Software Engineer Hiring Range Minimum: $101,500 Hiring Range Maximum: $119,000 Union Type: Not a Union Position SEIU Level: Not an SEIU Position FLSA Status: Exempt Employment Category: Regular Full Time Scheduled Months per Year: 12 Scheduled Hours per Week: 40 Schedule: Join us at our convenient location at 41 Centerra Parkway in Lebanon, NH, where you'll find a perfect balance of on-site engagement and remote flexibility. This position is part of a team that primarily works remotely but values intentional onsite engagement. Depending upon projects, you could be in the office daily for a period, or it could be 1-2 days in a month. When onsite, you will typically work out of 41 Centerra Parkway in Lebanon, NH where nearly 80 of your colleagues in Advancement have office space. Periodically, meetings are held in Hanover or on the Dartmouth campus, which is 3 miles from the Centerra Parkway location. Living within commutable distance to Hanover, NH, is preferred, allowing you to integrate smoothly into our team and community. Location of Position: Lebanon, NH 03766 41 Centerra Parkway Remote Work Eligibility?: Hybrid Is this a term position?: No Is this a grant funded position?: No Position Purpose: The Software Engineer for Advancement is a full-stack developer who designs, develops, tests, and maintains software applications that advance the mission of Dartmouth's Advancement division. This role requires a strong combination of technical expertise across multiple platforms and programming languages, alongside a deep understanding of our business objectives. The successful candidate will apply both business acumen and technical skills to deliver high-quality, maintainable solutions within an agile team environment This role independently executes moderate to complex technical work and actively contributes to team-based architecture and implementation efforts. The Software Engineer collaborates with teammates, clients, vendors, and campus partners to develop custom applications, enhance vendor systems, and support integrations that connect Advancement systems to broader institutional platforms. This includes involvement in system design, database development, API creation and consumption, testing, and support for both on-premise and cloud-based solutions. The role also supports deployment automation, infrastructure maintenance, and DevOps practices in partnership with more senior team members. Strong analytical, problem-solving, and communication skills are essential for working effectively within a cross-functional team. The Software Engineer contributes to team growth through knowledge sharing, code review participation, and process improvement efforts. Description: Are you a full-stack developer passionate about purpose-driven technology? Dartmouth's Advancement Systems and Services team is looking for two Software Engineers to help design and build innovative solutions that support our institutional mission. We are looking to hire two talented individuals into this role. Make an impact. Grow your skills. Join a team that values innovation, collaboration, and team engagement. Required Qualifications - Education and Yrs Exp: Bachelor's degree Required Qualifications - Skills, Knowledge and Abilities: Bachelor's degree in Computer Science or a related field 5-8 years of professional software engineering experience Demonstrated experience in: Full-stack application development Oracle PL/SQL, SQL, APEX, with proven ability to develop and manage complex queries and manage data migrations, administer, navigate and manage multiple schemas, data replication, backup/recovery, troubleshooting, development, and performance tuning in complex, consolidated Oracle environment One or more programming languages (e.g., Python, JavaScript, Java, C#) Front-end development (HTML, CSS, JavaScript) RESTful APIs and system integration Version control (Git, SVN), release pipelines, and collaborative development workflows Working with and troubleshooting internet communication components, such as DNS, DNAME, SMTP with a solid understanding of security certificates (SSL/TLS) and other authentication methods and encryption that ensure compliance with privacy regulations Familiarity with DevOps principles and CI/CD tools Strong problem-solving, communication, and teamwork skills Ability to work independently on technical tasks and contribute to team solutions Preferred Qualifications: Experience with vendor system integration and support of ERP platforms (e.g., Advancement, SIS, Finance, HR) Familiarity with data governance, privacy, and compliance standards (e.g., FERPA, HIPAA, GDPR) Knowledge of cloud platforms (AWS, Azure, or GCP), containerization (Docker, Kubernetes) Exposure to Agile development methodologies and tools Understanding of institutional workflows in higher education Strong knowledge and practical experience in database administration tasks Proficiency in application upgrade, cloning, and installation procedures Department Contact for Recruitment Inquiries: Lesa Knapp Department Contact Phone Number: Department Contact for Cover Letter and Title: Lesa Knapp, Assistant Vice President for Advancement Administration Department Contact's Phone Number: Equal Opportunity Employer: Dartmouth College is an equal opportunity employer under federal law. We prohibit discrimination on the basis of race, color, religion, sex, age, national origin, sexual orientation, gender identity or expression, disability, veteran status, marital status, or any other legally protected status. Applications are welcome from all. Background Check: Employment in this position is contingent upon consent to and successful completion of a pre-employment background check, which may include a criminal background check, reference checks, verification of work history, conduct review, and verification of any required academic credentials, licenses, and/or certifications, with results acceptable to Dartmouth College. A criminal conviction will not automatically disqualify an applicant from employment. Background check information will be used in a confidential, non-discriminatory manner consistent with state and federal law. Is driving a vehicle (e.g. Dartmouth vehicle or off road vehicle, rental car, personal car) an essential function of this job?: Not an essential function Special Instructions to Applicants: Dartmouth College has a Tobacco-Free Policy. Smoking and the use of tobacco-based products (including smokeless tobacco) are prohibited in all facilities, grounds, vehicles or other areas owned, operated or occupied by Dartmouth College with no exceptions. For details, please see our policy. Additional Instructions: This position is not visa sponsorship eligible. Quick Link: Description: Software Development Designs, develops, tests, and maintains custom software solutions that meet user needs and align with institutional standards. Translates technical requirements into functional software components. Participates in solution design and architecture discussions, contributing to decisions on system structure, integration approaches, and performance optimization. Develops and consumes APIs and web services for system interoperability. Maintains and enhances database-driven applications using tools such as Oracle PL/SQL and APEX. Implements unit testing, automated testing frameworks, and follows version control and release management best practices. Participates in infrastructure and application support for both on-premises and cloud environments. Collaborates on deployments and contributes to automation and DevOps workflows. Collaborates on teams and leads team initiatives. Develops and enhances documentation supporting systems, integrations, and processes, contributing to a shared knowledge base that informs the work of Advancement Systems and Services. Percentage Of Time: 60 Description: Collaboration and Client Support Works closely with team members to complete tasks aligned to team goals and delivery timelines. Partners with stakeholders to understand business needs, clarify requirements, and deliver value through technical solutions. Supports vendor system implementations and integrations; engages with vendors on issue resolution. Maintains strong working relationships with functional teams, end users, and other IT professionals across the institution. Percentage Of Time: 20 Description: Team Engagement and Continuous Learning Participates in agile ceremonies, sprint planning, retrospectives, and team-based prioritization. Shares technical knowledge through documentation, code reviews, cross training, and informal mentoring of colleagues. Engages in continuous professional development to stay current with tools, languages, frameworks . click apply for full job details
01/14/2026
Full time
Posting date: 10/17/2025 Open Until Filled: Yes Position Number: Position Title: Software Engineer Hiring Range Minimum: $101,500 Hiring Range Maximum: $119,000 Union Type: Not a Union Position SEIU Level: Not an SEIU Position FLSA Status: Exempt Employment Category: Regular Full Time Scheduled Months per Year: 12 Scheduled Hours per Week: 40 Schedule: Join us at our convenient location at 41 Centerra Parkway in Lebanon, NH, where you'll find a perfect balance of on-site engagement and remote flexibility. This position is part of a team that primarily works remotely but values intentional onsite engagement. Depending upon projects, you could be in the office daily for a period, or it could be 1-2 days in a month. When onsite, you will typically work out of 41 Centerra Parkway in Lebanon, NH where nearly 80 of your colleagues in Advancement have office space. Periodically, meetings are held in Hanover or on the Dartmouth campus, which is 3 miles from the Centerra Parkway location. Living within commutable distance to Hanover, NH, is preferred, allowing you to integrate smoothly into our team and community. Location of Position: Lebanon, NH 03766 41 Centerra Parkway Remote Work Eligibility?: Hybrid Is this a term position?: No Is this a grant funded position?: No Position Purpose: The Software Engineer for Advancement is a full-stack developer who designs, develops, tests, and maintains software applications that advance the mission of Dartmouth's Advancement division. This role requires a strong combination of technical expertise across multiple platforms and programming languages, alongside a deep understanding of our business objectives. The successful candidate will apply both business acumen and technical skills to deliver high-quality, maintainable solutions within an agile team environment This role independently executes moderate to complex technical work and actively contributes to team-based architecture and implementation efforts. The Software Engineer collaborates with teammates, clients, vendors, and campus partners to develop custom applications, enhance vendor systems, and support integrations that connect Advancement systems to broader institutional platforms. This includes involvement in system design, database development, API creation and consumption, testing, and support for both on-premise and cloud-based solutions. The role also supports deployment automation, infrastructure maintenance, and DevOps practices in partnership with more senior team members. Strong analytical, problem-solving, and communication skills are essential for working effectively within a cross-functional team. The Software Engineer contributes to team growth through knowledge sharing, code review participation, and process improvement efforts. Description: Are you a full-stack developer passionate about purpose-driven technology? Dartmouth's Advancement Systems and Services team is looking for two Software Engineers to help design and build innovative solutions that support our institutional mission. We are looking to hire two talented individuals into this role. Make an impact. Grow your skills. Join a team that values innovation, collaboration, and team engagement. Required Qualifications - Education and Yrs Exp: Bachelor's degree Required Qualifications - Skills, Knowledge and Abilities: Bachelor's degree in Computer Science or a related field 5-8 years of professional software engineering experience Demonstrated experience in: Full-stack application development Oracle PL/SQL, SQL, APEX, with proven ability to develop and manage complex queries and manage data migrations, administer, navigate and manage multiple schemas, data replication, backup/recovery, troubleshooting, development, and performance tuning in complex, consolidated Oracle environment One or more programming languages (e.g., Python, JavaScript, Java, C#) Front-end development (HTML, CSS, JavaScript) RESTful APIs and system integration Version control (Git, SVN), release pipelines, and collaborative development workflows Working with and troubleshooting internet communication components, such as DNS, DNAME, SMTP with a solid understanding of security certificates (SSL/TLS) and other authentication methods and encryption that ensure compliance with privacy regulations Familiarity with DevOps principles and CI/CD tools Strong problem-solving, communication, and teamwork skills Ability to work independently on technical tasks and contribute to team solutions Preferred Qualifications: Experience with vendor system integration and support of ERP platforms (e.g., Advancement, SIS, Finance, HR) Familiarity with data governance, privacy, and compliance standards (e.g., FERPA, HIPAA, GDPR) Knowledge of cloud platforms (AWS, Azure, or GCP), containerization (Docker, Kubernetes) Exposure to Agile development methodologies and tools Understanding of institutional workflows in higher education Strong knowledge and practical experience in database administration tasks Proficiency in application upgrade, cloning, and installation procedures Department Contact for Recruitment Inquiries: Lesa Knapp Department Contact Phone Number: Department Contact for Cover Letter and Title: Lesa Knapp, Assistant Vice President for Advancement Administration Department Contact's Phone Number: Equal Opportunity Employer: Dartmouth College is an equal opportunity employer under federal law. We prohibit discrimination on the basis of race, color, religion, sex, age, national origin, sexual orientation, gender identity or expression, disability, veteran status, marital status, or any other legally protected status. Applications are welcome from all. Background Check: Employment in this position is contingent upon consent to and successful completion of a pre-employment background check, which may include a criminal background check, reference checks, verification of work history, conduct review, and verification of any required academic credentials, licenses, and/or certifications, with results acceptable to Dartmouth College. A criminal conviction will not automatically disqualify an applicant from employment. Background check information will be used in a confidential, non-discriminatory manner consistent with state and federal law. Is driving a vehicle (e.g. Dartmouth vehicle or off road vehicle, rental car, personal car) an essential function of this job?: Not an essential function Special Instructions to Applicants: Dartmouth College has a Tobacco-Free Policy. Smoking and the use of tobacco-based products (including smokeless tobacco) are prohibited in all facilities, grounds, vehicles or other areas owned, operated or occupied by Dartmouth College with no exceptions. For details, please see our policy. Additional Instructions: This position is not visa sponsorship eligible. Quick Link: Description: Software Development Designs, develops, tests, and maintains custom software solutions that meet user needs and align with institutional standards. Translates technical requirements into functional software components. Participates in solution design and architecture discussions, contributing to decisions on system structure, integration approaches, and performance optimization. Develops and consumes APIs and web services for system interoperability. Maintains and enhances database-driven applications using tools such as Oracle PL/SQL and APEX. Implements unit testing, automated testing frameworks, and follows version control and release management best practices. Participates in infrastructure and application support for both on-premises and cloud environments. Collaborates on deployments and contributes to automation and DevOps workflows. Collaborates on teams and leads team initiatives. Develops and enhances documentation supporting systems, integrations, and processes, contributing to a shared knowledge base that informs the work of Advancement Systems and Services. Percentage Of Time: 60 Description: Collaboration and Client Support Works closely with team members to complete tasks aligned to team goals and delivery timelines. Partners with stakeholders to understand business needs, clarify requirements, and deliver value through technical solutions. Supports vendor system implementations and integrations; engages with vendors on issue resolution. Maintains strong working relationships with functional teams, end users, and other IT professionals across the institution. Percentage Of Time: 20 Description: Team Engagement and Continuous Learning Participates in agile ceremonies, sprint planning, retrospectives, and team-based prioritization. Shares technical knowledge through documentation, code reviews, cross training, and informal mentoring of colleagues. Engages in continuous professional development to stay current with tools, languages, frameworks . click apply for full job details
DevOps Engineer Business Affairs: University IT (UIT), Redwood City, California, United States Information Technology Services Nov 17, 2025 Post Date 107201 Requisition # JOB PURPOSE Enterprise Technologies is a central IT unit at Stanford University, responsible for delivering foundational computing and communication infrastructure that supports the University's academic, research, and administrative functions. We are seeking a Senior DevOps Engineer with proven expertise in API development, as well as administration and integration experience across Google Workspace, AWS, and Microsoft Azure. In this role, you will design and automate cloud infrastructure, optimize CI/CD pipelines, develop and maintain internal APIs, and manage cloud-based configurations, identity services, and security policies-leveraging scripting and API-driven automation across multi-cloud and enterprise collaboration platforms. RESPONSIBILITIES The DevOps Engineer will serve as a key member of the team, leading the design, development, planning, support, and security of Stanford's infrastructure with a focus on Google Cloud technologies. This role is critical in optimizing software delivery pipelines, enabling collaboration across teams, and ensuring the reliability, performance, and scalability of systems running in Google Cloud. The ideal candidate will have deep experience with infrastructure automation, cloud-native tooling, and API integrations within the Google ecosystem-including GCP and Google Workspace. Strong leadership, scripting, and communication skills are essential. Key responsibilities include: CORE DUTIES: Design, implement, and maintain scalable CI/CD pipelines (e.g., GitHub Actions, Jenkins, GitLab CI). Automate infrastructure provisioning using tools like Terraform, CloudFormation, or Pulumi. Build, deploy, and manage containerized applications using Docker and orchestration platforms (Kubernetes, ECS, etc.). Develop and maintain RESTful and/or GraphQL APIs using Python, Go, or Node.js. Manage and integrate Google Workspace with internal systems, including API access, identity provisioning (via Directory API), and service automation. Monitor system health and performance using observability tools (e.g., Prometheus, Grafana, ELK, Datadog). Implement security best practices, including IAM, secrets management, and compliance enforcement. Collaborate with engineering, security, and IT teams to maintain a secure and efficient development environment. Support incident response, root cause analysis, and disaster recovery procedures. Document infrastructure, processes, and API endpoints thoroughly. Participating in 24x7 on-call support rotation. MINIMUM REQUIREMENTS: Education & Experience Bachelor's degree and eight years of relevant experience, or a combination of education and relevant experience. Knowledge, Skills and Abilities: Bachelor's degree in Computer Science, Engineering, or equivalent work experience. 5+ years in DevOps, SRE, or Platform Engineering roles. Hands-on experience with public cloud platforms (AWS, Azure, or GCP-GCP preferred). Strong programming skills in one or more languages for API development (e.g., Python, Go, Node.js). Proficiency with CI/CD tools and IaC frameworks (e.g., Terraform, Ansible, CloudFormation). Experience with Docker and container orchestration tools such as Kubernetes or ECS. Demonstrated experience managing and integrating Google Workspace in enterprise environments, including APIs, security settings, and automation. Solid knowledge of Linux administration, networking, and cloud security principles. Strong troubleshooting and debugging skills across the stack. Excellent communication, documentation, and collaboration abilities. Should demonstrate a willingness to learn and adapt to new technologies and industry trends. Preferred Qualifications (Nice to Have): Experience building and maintaining internal developer platforms or shared infrastructure. Experience with API management platforms (e.g., Apigee, AWS API Gateway, Kong). Hands-on experience with Proofpoint administration, including email security configuration and policy management. Experience with Microsoft 365 administration, including Exchange Online, SharePoint, Teams, and security/compliance controls. Google Workspace Administrator or GCP-related certifications. Experience with Entra ID or other Identity Providers for SSO and federated authentication flows. The expected pay range for this position is $150,289 to $171,000 per annum. Stanford University provides pay ranges representing its good faith estimate of what the university reasonably expects to pay for a position. The pay offered to a selected candidate will be determined based on factors such as (but not limited to) the scope and responsibilities of the position, the qualifications of the selected candidate, departmental budget availability, internal equity, geographic location and external market pay for comparable jobs. At Stanford University, base pay represents only one aspect of the comprehensive rewards package. The Cardinal at Work website ( ) provides detailed information on Stanford's extensive range of benefits and rewards offered to employees. Specifics about the rewards package for this position may be discussed during the hiring process. The job duties listed are typical examples of work performed by positions in this job classification and are not designed to contain or be interpreted as a comprehensive inventory of all duties, tasks, and responsibilities. Specific duties and responsibilities may vary depending on department or program needs without changing the general nature and scope of the job or level of responsibility. Employees may also perform other duties as assigned. Consistent with its obligations under the law, the University will provide reasonable accommodations to applicants and employees with disabilities. Applicants requiring a reasonable accommodation for any part of the application or hiring process should contact Stanford University Human Resources by submitting a contact form . Stanford is an equal employment opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Additional Information Schedule: Full-time Job Code: 4833 Employee Status: Regular Grade: K Requisition ID: 107201 Work Arrangement : Hybrid Eligible
01/14/2026
Full time
DevOps Engineer Business Affairs: University IT (UIT), Redwood City, California, United States Information Technology Services Nov 17, 2025 Post Date 107201 Requisition # JOB PURPOSE Enterprise Technologies is a central IT unit at Stanford University, responsible for delivering foundational computing and communication infrastructure that supports the University's academic, research, and administrative functions. We are seeking a Senior DevOps Engineer with proven expertise in API development, as well as administration and integration experience across Google Workspace, AWS, and Microsoft Azure. In this role, you will design and automate cloud infrastructure, optimize CI/CD pipelines, develop and maintain internal APIs, and manage cloud-based configurations, identity services, and security policies-leveraging scripting and API-driven automation across multi-cloud and enterprise collaboration platforms. RESPONSIBILITIES The DevOps Engineer will serve as a key member of the team, leading the design, development, planning, support, and security of Stanford's infrastructure with a focus on Google Cloud technologies. This role is critical in optimizing software delivery pipelines, enabling collaboration across teams, and ensuring the reliability, performance, and scalability of systems running in Google Cloud. The ideal candidate will have deep experience with infrastructure automation, cloud-native tooling, and API integrations within the Google ecosystem-including GCP and Google Workspace. Strong leadership, scripting, and communication skills are essential. Key responsibilities include: CORE DUTIES: Design, implement, and maintain scalable CI/CD pipelines (e.g., GitHub Actions, Jenkins, GitLab CI). Automate infrastructure provisioning using tools like Terraform, CloudFormation, or Pulumi. Build, deploy, and manage containerized applications using Docker and orchestration platforms (Kubernetes, ECS, etc.). Develop and maintain RESTful and/or GraphQL APIs using Python, Go, or Node.js. Manage and integrate Google Workspace with internal systems, including API access, identity provisioning (via Directory API), and service automation. Monitor system health and performance using observability tools (e.g., Prometheus, Grafana, ELK, Datadog). Implement security best practices, including IAM, secrets management, and compliance enforcement. Collaborate with engineering, security, and IT teams to maintain a secure and efficient development environment. Support incident response, root cause analysis, and disaster recovery procedures. Document infrastructure, processes, and API endpoints thoroughly. Participating in 24x7 on-call support rotation. MINIMUM REQUIREMENTS: Education & Experience Bachelor's degree and eight years of relevant experience, or a combination of education and relevant experience. Knowledge, Skills and Abilities: Bachelor's degree in Computer Science, Engineering, or equivalent work experience. 5+ years in DevOps, SRE, or Platform Engineering roles. Hands-on experience with public cloud platforms (AWS, Azure, or GCP-GCP preferred). Strong programming skills in one or more languages for API development (e.g., Python, Go, Node.js). Proficiency with CI/CD tools and IaC frameworks (e.g., Terraform, Ansible, CloudFormation). Experience with Docker and container orchestration tools such as Kubernetes or ECS. Demonstrated experience managing and integrating Google Workspace in enterprise environments, including APIs, security settings, and automation. Solid knowledge of Linux administration, networking, and cloud security principles. Strong troubleshooting and debugging skills across the stack. Excellent communication, documentation, and collaboration abilities. Should demonstrate a willingness to learn and adapt to new technologies and industry trends. Preferred Qualifications (Nice to Have): Experience building and maintaining internal developer platforms or shared infrastructure. Experience with API management platforms (e.g., Apigee, AWS API Gateway, Kong). Hands-on experience with Proofpoint administration, including email security configuration and policy management. Experience with Microsoft 365 administration, including Exchange Online, SharePoint, Teams, and security/compliance controls. Google Workspace Administrator or GCP-related certifications. Experience with Entra ID or other Identity Providers for SSO and federated authentication flows. The expected pay range for this position is $150,289 to $171,000 per annum. Stanford University provides pay ranges representing its good faith estimate of what the university reasonably expects to pay for a position. The pay offered to a selected candidate will be determined based on factors such as (but not limited to) the scope and responsibilities of the position, the qualifications of the selected candidate, departmental budget availability, internal equity, geographic location and external market pay for comparable jobs. At Stanford University, base pay represents only one aspect of the comprehensive rewards package. The Cardinal at Work website ( ) provides detailed information on Stanford's extensive range of benefits and rewards offered to employees. Specifics about the rewards package for this position may be discussed during the hiring process. The job duties listed are typical examples of work performed by positions in this job classification and are not designed to contain or be interpreted as a comprehensive inventory of all duties, tasks, and responsibilities. Specific duties and responsibilities may vary depending on department or program needs without changing the general nature and scope of the job or level of responsibility. Employees may also perform other duties as assigned. Consistent with its obligations under the law, the University will provide reasonable accommodations to applicants and employees with disabilities. Applicants requiring a reasonable accommodation for any part of the application or hiring process should contact Stanford University Human Resources by submitting a contact form . Stanford is an equal employment opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Additional Information Schedule: Full-time Job Code: 4833 Employee Status: Regular Grade: K Requisition ID: 107201 Work Arrangement : Hybrid Eligible
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details