Who We Are: Cybersecurity Operations' mission is to secure the enterprise by evaluating, implementing, and operating a full suite of tools and services. We are responsible for configuring, engineering, administering, and supporting network and endpoint security systems. Operations include firewalls, intrusion prevention and incident response as well as security orchestration and automation. As part of the Cybersecurity team, the candidate will be part of the technology assessment and implementation process as well as operations and response, candidates will engage in the full security system lifecycle. Objectives of this Role: Provide cybersecurity analysis and support in an Enterprise environment. Deploy, configure, and maintain security applications. Maintain and provide continuous security configurations of cybersecurity infrastructure. Research, recommend, evaluate, and deploy new cybersecurity technologies and capabilities. Daily and Monthly Responsibilities: Participate in daily review of alerts and incident response (IR) activities. Effectively document system configurations, findings, and results of IR activities. Monitoring and maintaining Endpoint Protection and Response (EDR) and Security Orchestration, Automation and Response (SOAR) systems, Enterprise Vulnerability Management and Penetration Testing programs. Monitoring and maintaining Next Generation firewall systems and policies and L3/L7 Load-balancing and Web Application Firewall (WAF). Support and management of Privileged Access Management (PAM) solution. Participate in the support and management of the Enterprise Security Information Event Management (SIEM) solution to include advanced reporting, data analysis and correlation. Participate in the support and configuration of the security for Microsoft O365 Entra ID cloud services. Requirements: Requires a Bachelors degree in Cybersecurity, IT Operations, or related degree with relevant experience. In lieu of a Bachelors degree 5 years of Cybersecurity and/or IT administration experience. a high school education or equivalent and related certifications is required. 3 years: Relevant Cybersecurity and/or IT administration experience with a Bachelors degree. 3-7 years: Experience working with incident response and/or network security platforms such as Endpoint Protection, Threat Intelligence, Security Orchestration Automation and Response. 3-7 years: Experience with administration of modern operating systems (e.g.- Windows Server, Windows Desktop and Linux). Experience with network fundamentals (TCP/IP, Vlans and network subnetting) as well as scripting, development, and utilizing application programing interfaces (API). A valid/clear driver's license is required.
04/01/2026
Full time
Who We Are: Cybersecurity Operations' mission is to secure the enterprise by evaluating, implementing, and operating a full suite of tools and services. We are responsible for configuring, engineering, administering, and supporting network and endpoint security systems. Operations include firewalls, intrusion prevention and incident response as well as security orchestration and automation. As part of the Cybersecurity team, the candidate will be part of the technology assessment and implementation process as well as operations and response, candidates will engage in the full security system lifecycle. Objectives of this Role: Provide cybersecurity analysis and support in an Enterprise environment. Deploy, configure, and maintain security applications. Maintain and provide continuous security configurations of cybersecurity infrastructure. Research, recommend, evaluate, and deploy new cybersecurity technologies and capabilities. Daily and Monthly Responsibilities: Participate in daily review of alerts and incident response (IR) activities. Effectively document system configurations, findings, and results of IR activities. Monitoring and maintaining Endpoint Protection and Response (EDR) and Security Orchestration, Automation and Response (SOAR) systems, Enterprise Vulnerability Management and Penetration Testing programs. Monitoring and maintaining Next Generation firewall systems and policies and L3/L7 Load-balancing and Web Application Firewall (WAF). Support and management of Privileged Access Management (PAM) solution. Participate in the support and management of the Enterprise Security Information Event Management (SIEM) solution to include advanced reporting, data analysis and correlation. Participate in the support and configuration of the security for Microsoft O365 Entra ID cloud services. Requirements: Requires a Bachelors degree in Cybersecurity, IT Operations, or related degree with relevant experience. In lieu of a Bachelors degree 5 years of Cybersecurity and/or IT administration experience. a high school education or equivalent and related certifications is required. 3 years: Relevant Cybersecurity and/or IT administration experience with a Bachelors degree. 3-7 years: Experience working with incident response and/or network security platforms such as Endpoint Protection, Threat Intelligence, Security Orchestration Automation and Response. 3-7 years: Experience with administration of modern operating systems (e.g.- Windows Server, Windows Desktop and Linux). Experience with network fundamentals (TCP/IP, Vlans and network subnetting) as well as scripting, development, and utilizing application programing interfaces (API). A valid/clear driver's license is required.
Immediate contract opportunity for SAP Systems Engineering Specialist with direct client in New York, NY. This position will serve to reinforce the ERP Project's capacity in respect of Systems Engineering, specifically concerning the ongoing design, build, deployment, maintenance and optimization of the organization's SAP ERP system covering both the various SAP systems and applications part of the On-Premise landscape as well as the integration of select SAP Cloud applications and solutions. Reporting to ERPSD Basis staff, the SAP Engineering specialist will support the following major work areas: • Provide technical expertise and support work in respect of the ERP's on-premise SAP landscape, such as, but not limited to, SAP ECC, SRM, HANA, BW, SLT, PI, TM/EM, CRM, BPC, IBP, Fiori, Portal. • Provide architecture and design assessment for the implementation of SAP Cloud-based solutions in integration with On-premise SAP systems, following SaaS/Paas models and relevant industry best practices. • Assists across the spectrum of the ERP's production support work, including upgrades, system/component installation, installation of patches and Support pack stacks, landscape maintenance, HANA administration & security and transport management. • Supports the effective optimization of SAP NetWeaver security standards to ensure secure communication between distributed systems, with SAP data storage and network security, inter alia. Specific task areas: SAP System Engineering, Basis administration and Production support operations: • Support SAP Basis workstream activities including, but not limited to, performing transports, landscape and instance maintenance, client copies, system refreshes, system installation, support pack stack upgrades, software release management, problem determination, resolution and incident management • Lead and execute SAP HANA upgrades in complex MCOS and high-availability landscapes, working experience with HPE ServiceGuard is a plus. • Demonstrate in-depth expertise in SAP IDM and SRM/MDM platform administration, including installation, configuration, upgrades, repository management, and integration with enterprise identity services. • Manage SAP MDM 7.02 components and ensure seamless integration with SAP NetWeaver Portal, SRM, and PI systems. • Possess in-depth knowledge of SAP Solution Manager in order to support ChaRM setup, retrofit processes, Focused Run configuration, system monitoring, and job monitoring capabilities. • Assist with Redwood RunMyJob for SAP ABAP systems, including installation, upgrades, job scheduling, queue setup for system maintenance, queue monitoring, and advanced troubleshooting. • Engage with the ERP's functional team to drive system performance monitoring, testing and tuning as required, including with respect to SAP cloud integration with On-premise. Technical Architecture of SAP Cloud with SAP On-premise Landscapes and Applications: • Support and maintain infrastructure platform, network, security and storage components in a cloud environment working with VMWare, Storage subsystem, Network components such as Load Balancer, Secure Socket Layer communication, VPN etc. • Design and support of High Availability/DR Solutions and Backup and Recovery solutions for enterprise applications and database in a public, private or hybrid cloud environments. • Assess the architecture and best practices for the integration of SAP Cloud solutions with the SAP On-premise Umoja solution. • Support the actual engineering and integration of On-premise SAP solution with cloud-based solutions provided by 3rd party vendors like Azure, AWS and Google Cloud Platform. • Lead the planning of possible migrations of On-premise systems into SAP's Cloud infrastructure and assist in the implementation. • Lead technical aspects of SAP Cloud-based solutions regarding data protection, SSO solution for external applications SAP Business Technology Platform • Design and architect end-to-end solutions for SAP BTP including application setup and integration with cloud and on-premises application. • Assist with producing technical specifications and architecture diagrams. • Configure identify authentication and provision services using SAP IAS/IPS. Implement OAuth2, JWT, SSO (principal propagation) • Configure and administer SAP BTP subaccounts, Cloud Connector integrations, hybrid connectivity setups, and associated authorization frameworks. Security SAP NetWeaver System, Network, Applications, Data • Enable SAP applications for internet facing solutions by designing and implementation of SAP network security standards between SAP systems using Secure Network Communication (SNC) and SSL (Secure Socket Layer) technologies. • Design solution to protect data, filesystem and backup using encryption. • Analyze and apply SAP Security Hot News and Patches Qualifications and experience: • A minimum of 12 years of specific experience with SAP Basis and SAP Systems engineering technical work, including architectural roadmaps and end-to-end execution of upgrades, migrations, performance optimization and technical integration such as, but not limited to, SAP ECC, SRM, HANA, BW, SLT, BOBJ, PI, TM/EM, CRM, BPC, IBP, Fiori, Portal. • Experience shall include at least 5+ years of HANA administration HA and DR . • Experience shall include system sizing and performance optimization as well as the connecting points of the same with hardware and Infrastructure-related components. • Working experience of BTP Integration Suite, SAP Build Apps/Process Automation, Cloud connector • Working experience with VMWare and Linux. • At least one full life cycle S/4HANA implementation/migration experience of SAP Cloud solutions (PaaS/SaaS) including technical evaluation, roadmap planning (readiness/simplification remediation), architecture integration design, migration and deployment of SAP solutions to Cloud environment (AWS, GCP or Azure) • Security experience shall include hands on experience to architect authorization in Application and HANA DB layers along with managing audit requirements. End to End full SAP HANA life cycle security implementations experience would be a plus. TRIGYN IS AN EQUAL OPPORTUNITY EMPLOYER About Trigyn: Trigyn is an IT Services Company that has been in business for 30 years with more than 1,500 resources deployed today. Trigyn is ISO 9001:2015, ISO 27001:2013 (ISMS) and CMMI Level 5 Certified. Trigyn is an E-Verify Employer.
04/01/2026
Full time
Immediate contract opportunity for SAP Systems Engineering Specialist with direct client in New York, NY. This position will serve to reinforce the ERP Project's capacity in respect of Systems Engineering, specifically concerning the ongoing design, build, deployment, maintenance and optimization of the organization's SAP ERP system covering both the various SAP systems and applications part of the On-Premise landscape as well as the integration of select SAP Cloud applications and solutions. Reporting to ERPSD Basis staff, the SAP Engineering specialist will support the following major work areas: • Provide technical expertise and support work in respect of the ERP's on-premise SAP landscape, such as, but not limited to, SAP ECC, SRM, HANA, BW, SLT, PI, TM/EM, CRM, BPC, IBP, Fiori, Portal. • Provide architecture and design assessment for the implementation of SAP Cloud-based solutions in integration with On-premise SAP systems, following SaaS/Paas models and relevant industry best practices. • Assists across the spectrum of the ERP's production support work, including upgrades, system/component installation, installation of patches and Support pack stacks, landscape maintenance, HANA administration & security and transport management. • Supports the effective optimization of SAP NetWeaver security standards to ensure secure communication between distributed systems, with SAP data storage and network security, inter alia. Specific task areas: SAP System Engineering, Basis administration and Production support operations: • Support SAP Basis workstream activities including, but not limited to, performing transports, landscape and instance maintenance, client copies, system refreshes, system installation, support pack stack upgrades, software release management, problem determination, resolution and incident management • Lead and execute SAP HANA upgrades in complex MCOS and high-availability landscapes, working experience with HPE ServiceGuard is a plus. • Demonstrate in-depth expertise in SAP IDM and SRM/MDM platform administration, including installation, configuration, upgrades, repository management, and integration with enterprise identity services. • Manage SAP MDM 7.02 components and ensure seamless integration with SAP NetWeaver Portal, SRM, and PI systems. • Possess in-depth knowledge of SAP Solution Manager in order to support ChaRM setup, retrofit processes, Focused Run configuration, system monitoring, and job monitoring capabilities. • Assist with Redwood RunMyJob for SAP ABAP systems, including installation, upgrades, job scheduling, queue setup for system maintenance, queue monitoring, and advanced troubleshooting. • Engage with the ERP's functional team to drive system performance monitoring, testing and tuning as required, including with respect to SAP cloud integration with On-premise. Technical Architecture of SAP Cloud with SAP On-premise Landscapes and Applications: • Support and maintain infrastructure platform, network, security and storage components in a cloud environment working with VMWare, Storage subsystem, Network components such as Load Balancer, Secure Socket Layer communication, VPN etc. • Design and support of High Availability/DR Solutions and Backup and Recovery solutions for enterprise applications and database in a public, private or hybrid cloud environments. • Assess the architecture and best practices for the integration of SAP Cloud solutions with the SAP On-premise Umoja solution. • Support the actual engineering and integration of On-premise SAP solution with cloud-based solutions provided by 3rd party vendors like Azure, AWS and Google Cloud Platform. • Lead the planning of possible migrations of On-premise systems into SAP's Cloud infrastructure and assist in the implementation. • Lead technical aspects of SAP Cloud-based solutions regarding data protection, SSO solution for external applications SAP Business Technology Platform • Design and architect end-to-end solutions for SAP BTP including application setup and integration with cloud and on-premises application. • Assist with producing technical specifications and architecture diagrams. • Configure identify authentication and provision services using SAP IAS/IPS. Implement OAuth2, JWT, SSO (principal propagation) • Configure and administer SAP BTP subaccounts, Cloud Connector integrations, hybrid connectivity setups, and associated authorization frameworks. Security SAP NetWeaver System, Network, Applications, Data • Enable SAP applications for internet facing solutions by designing and implementation of SAP network security standards between SAP systems using Secure Network Communication (SNC) and SSL (Secure Socket Layer) technologies. • Design solution to protect data, filesystem and backup using encryption. • Analyze and apply SAP Security Hot News and Patches Qualifications and experience: • A minimum of 12 years of specific experience with SAP Basis and SAP Systems engineering technical work, including architectural roadmaps and end-to-end execution of upgrades, migrations, performance optimization and technical integration such as, but not limited to, SAP ECC, SRM, HANA, BW, SLT, BOBJ, PI, TM/EM, CRM, BPC, IBP, Fiori, Portal. • Experience shall include at least 5+ years of HANA administration HA and DR . • Experience shall include system sizing and performance optimization as well as the connecting points of the same with hardware and Infrastructure-related components. • Working experience of BTP Integration Suite, SAP Build Apps/Process Automation, Cloud connector • Working experience with VMWare and Linux. • At least one full life cycle S/4HANA implementation/migration experience of SAP Cloud solutions (PaaS/SaaS) including technical evaluation, roadmap planning (readiness/simplification remediation), architecture integration design, migration and deployment of SAP solutions to Cloud environment (AWS, GCP or Azure) • Security experience shall include hands on experience to architect authorization in Application and HANA DB layers along with managing audit requirements. End to End full SAP HANA life cycle security implementations experience would be a plus. TRIGYN IS AN EQUAL OPPORTUNITY EMPLOYER About Trigyn: Trigyn is an IT Services Company that has been in business for 30 years with more than 1,500 resources deployed today. Trigyn is ISO 9001:2015, ISO 27001:2013 (ISMS) and CMMI Level 5 Certified. Trigyn is an E-Verify Employer.
Job Title: Senior Network Engineer Location: Tallahassee, FL Regular/Temporary: Regular Full/Part Time: Full-Time Job ID: 61818 Department This position is within FSU's Department of Information Technology Services (ITS) Department This position plays a key role in the ITS NCT Engineering Networking Group, focusing on the installation, maintenance, operation, and repair of the University's network infrastructure and related systems. Key responsibilities include configuring and managing network hardware (PaloAlto, Juniper (Mist), Rukus, Aruba (Clearpass/Central/AOS 8), Bluecat, Azure, AWS, Cisco) to ensure optimal performance and security. Troubleshooting connectivity issues and resolving network-related incidents efficiently. Optimizing network performance through proactive monitoring and maintenance. Ensuring the reliability and security of the University's networking environment. Supporting the integration of new technologies to enhance network functionality. Collaborating with other ITS teams to develop and implement network solutions. Assisting in the planning and execution of network upgrades and expansions. This role requires strong technical expertise, problem-solving skills, and a commitment to maintaining a robust and secure network infrastructure that supports the University's operational and academic needs. The Network Specialist is responsible for troubleshooting and resolving network- related issues to include wired and wireless, to minimize downtime. This role requires proficiency in networking diagnostic tools to analyze, monitor, and optimize network performance. The Specialist facilitates cases and AiM work orders, ensuring efficient management of network-related service requests. Additionally, they continuously monitor network connectivity, proactively identifying and addressing issues. Support is provided across all FSU-ITS supported networks, including cloud environments, international sites, the Panama City campus, remote offices, and the main campus network. Responsible for configuring network infrastructure to ensure optimal performance and reliability. This includes performing code upgrades, managing certificates, and planning routine maintenance to minimize disruptions. The role also involves overseeing physical and logistical network configurations, ensuring seamless integration and operation. Additionally, the Network Specialist provides support and configuration for all ITS-managed networks, including cloud environments, international sites, the Panama City campus, remote offices, and the main campus network. General knowledge of scripting automation to enhance operational efficiencies. Responsible for designing network infrastructure to meet the evolving needs of ITS- managed environments. This role requires ongoing research and staying up to date with emerging tools, threats, and technologies to ensure network integrity and efficiency. The specialist provides estimates for network-related projects and is involved in both wired and wireless planning to optimize connectivity and performance. Additionally, they oversee logistical and physical planning across all ITS networks, including cloud environments, international sites, the Panama City campus, remote offices, and the main campus network. Responsible for policy development, enforcement, and compliance to ensure the security and efficiency of ITS-managed networks. This role requires an understanding of HIPAA, NIST, and PCI standards to maintain regulatory compliance. The specialist follows NCT and ITS standards and policies while also providing insights for improvements when necessary. Additionally, they are expected to provide feedback for the development, enforcement, and compliance of network policies across all ITS-managed environments, including cloud infrastructure, international sites, the Panama City campus, remote offices, and the main campus network. Responsible for project participation, ensuring the successful planning and execution of network-related initiatives. Serving as a contact for NCT, this role facilitates communication and coordination across ITS teams. Additionally, the specialist plays a lead role and collaborates on internal NCT projects and initiatives, driving improvements and innovation within the network infrastructure. Responsible for additional duties as assigned, including participation in an on-call rotation to provide after-hours support. This role also requires travel across various site premises using a state vehicle, golf cart, utility vehicle, or all-terrain vehicle. Qualifications Bachelor's degree in Computer Science, MIS, or other appropriate degree and two years' experience or a high school diploma or equivalent and six years of experience. (Note: or a combination of appropriate post high school education and experience equal to six years.) A valid Florida or Georgia driver's license or the ability to obtain one. Preferred Qualifications Strong working knowledge of TCP/IP, VLANs, routing, switching, and DNS/DHCP. Experience configuring and troubleshooting Layer 2 and Layer 3 networks. Proficiency with network monitoring and troubleshooting tools (packet capture, SNMP, NetFlow, syslog). Experience supporting wireless networks (Wi-Fi 5/6), including APs, controllers, and RF fundamentals. Familiarity with network security concepts (NAC, RADIUS/TACACS, firewalls, ACLs). Ability to diagnose complex network issues and clearly communicate findings and resolutions. Experience working in ticketing systems and documenting network configurations and procedures. Experience with enterprise networking vendors (e.g., Aruba, Cisco, Juniper). Experience with ClearPass or NAC solutions. Familiarity with cloud-managed networking platforms (Aruba Central, Mist, VPNs, Azure (VNETs), AWS (VPCs), Panaroma, etc.). Knowledge of high-availability, redundancy, and failover designs. Experience in campus or large-scale network environments. Scripting or automation experience (Python, Ansible, REST APIs). Understanding of VoIP, multicast, and QoS concepts. Experience supporting network upgrades, refresh projects, and lifecycle management. Knowledge of and experience with CompTIA Network+, CCNA / CCNP/CWNA, Aruba ACMA / ACMP / ACSP, and Juniper JNCIA / JNCIS. University Information One of the nation's elite research universities, Florida State University preserves, expands, and disseminates knowledge in the sciences, technology, arts, humanities, and professions, while embracing a philosophy of learning strongly rooted in the traditions of the liberal arts and critical thinking. Founded in 1851, Florida State University is the oldest continuous site of higher education in Florida. FSU is a community steeped in tradition that fosters research and encourages creativity. At FSU, there's the excitement of being part of a vibrant academic and professional community, surrounded by people whose ideas are shaping tomorrow's news! Learn more about our university and campuses. FSU Total Rewards FSU offers a robust Total Rewards package. Visit our website to learn more about our Compensation, Benefits, Wellness, Recognition, and Employee Development programs. Use our interactive tool to calculate Total Compensation options based on potential salary, benefits and retirement contributions, earned leave, and other employment-related perks. How To Apply If qualified and interested in a specific job opening as advertised, apply to Florida State University at . If you are a current FSU employee, apply via myFSU > Self Service. Applicants are required to complete the online application with all applicable information. Applications must include all work history up to ten years, and education details even if attaching a resume. Considerations This is an A&P position. This position requires successful completion of a criminal history background check . Participation in an on-call rotation to provide after-hours support This position is open until filled. Equal Employment Opportunity FSU is an Equal Employment Opportunity Employer.
01/14/2026
Full time
Job Title: Senior Network Engineer Location: Tallahassee, FL Regular/Temporary: Regular Full/Part Time: Full-Time Job ID: 61818 Department This position is within FSU's Department of Information Technology Services (ITS) Department This position plays a key role in the ITS NCT Engineering Networking Group, focusing on the installation, maintenance, operation, and repair of the University's network infrastructure and related systems. Key responsibilities include configuring and managing network hardware (PaloAlto, Juniper (Mist), Rukus, Aruba (Clearpass/Central/AOS 8), Bluecat, Azure, AWS, Cisco) to ensure optimal performance and security. Troubleshooting connectivity issues and resolving network-related incidents efficiently. Optimizing network performance through proactive monitoring and maintenance. Ensuring the reliability and security of the University's networking environment. Supporting the integration of new technologies to enhance network functionality. Collaborating with other ITS teams to develop and implement network solutions. Assisting in the planning and execution of network upgrades and expansions. This role requires strong technical expertise, problem-solving skills, and a commitment to maintaining a robust and secure network infrastructure that supports the University's operational and academic needs. The Network Specialist is responsible for troubleshooting and resolving network- related issues to include wired and wireless, to minimize downtime. This role requires proficiency in networking diagnostic tools to analyze, monitor, and optimize network performance. The Specialist facilitates cases and AiM work orders, ensuring efficient management of network-related service requests. Additionally, they continuously monitor network connectivity, proactively identifying and addressing issues. Support is provided across all FSU-ITS supported networks, including cloud environments, international sites, the Panama City campus, remote offices, and the main campus network. Responsible for configuring network infrastructure to ensure optimal performance and reliability. This includes performing code upgrades, managing certificates, and planning routine maintenance to minimize disruptions. The role also involves overseeing physical and logistical network configurations, ensuring seamless integration and operation. Additionally, the Network Specialist provides support and configuration for all ITS-managed networks, including cloud environments, international sites, the Panama City campus, remote offices, and the main campus network. General knowledge of scripting automation to enhance operational efficiencies. Responsible for designing network infrastructure to meet the evolving needs of ITS- managed environments. This role requires ongoing research and staying up to date with emerging tools, threats, and technologies to ensure network integrity and efficiency. The specialist provides estimates for network-related projects and is involved in both wired and wireless planning to optimize connectivity and performance. Additionally, they oversee logistical and physical planning across all ITS networks, including cloud environments, international sites, the Panama City campus, remote offices, and the main campus network. Responsible for policy development, enforcement, and compliance to ensure the security and efficiency of ITS-managed networks. This role requires an understanding of HIPAA, NIST, and PCI standards to maintain regulatory compliance. The specialist follows NCT and ITS standards and policies while also providing insights for improvements when necessary. Additionally, they are expected to provide feedback for the development, enforcement, and compliance of network policies across all ITS-managed environments, including cloud infrastructure, international sites, the Panama City campus, remote offices, and the main campus network. Responsible for project participation, ensuring the successful planning and execution of network-related initiatives. Serving as a contact for NCT, this role facilitates communication and coordination across ITS teams. Additionally, the specialist plays a lead role and collaborates on internal NCT projects and initiatives, driving improvements and innovation within the network infrastructure. Responsible for additional duties as assigned, including participation in an on-call rotation to provide after-hours support. This role also requires travel across various site premises using a state vehicle, golf cart, utility vehicle, or all-terrain vehicle. Qualifications Bachelor's degree in Computer Science, MIS, or other appropriate degree and two years' experience or a high school diploma or equivalent and six years of experience. (Note: or a combination of appropriate post high school education and experience equal to six years.) A valid Florida or Georgia driver's license or the ability to obtain one. Preferred Qualifications Strong working knowledge of TCP/IP, VLANs, routing, switching, and DNS/DHCP. Experience configuring and troubleshooting Layer 2 and Layer 3 networks. Proficiency with network monitoring and troubleshooting tools (packet capture, SNMP, NetFlow, syslog). Experience supporting wireless networks (Wi-Fi 5/6), including APs, controllers, and RF fundamentals. Familiarity with network security concepts (NAC, RADIUS/TACACS, firewalls, ACLs). Ability to diagnose complex network issues and clearly communicate findings and resolutions. Experience working in ticketing systems and documenting network configurations and procedures. Experience with enterprise networking vendors (e.g., Aruba, Cisco, Juniper). Experience with ClearPass or NAC solutions. Familiarity with cloud-managed networking platforms (Aruba Central, Mist, VPNs, Azure (VNETs), AWS (VPCs), Panaroma, etc.). Knowledge of high-availability, redundancy, and failover designs. Experience in campus or large-scale network environments. Scripting or automation experience (Python, Ansible, REST APIs). Understanding of VoIP, multicast, and QoS concepts. Experience supporting network upgrades, refresh projects, and lifecycle management. Knowledge of and experience with CompTIA Network+, CCNA / CCNP/CWNA, Aruba ACMA / ACMP / ACSP, and Juniper JNCIA / JNCIS. University Information One of the nation's elite research universities, Florida State University preserves, expands, and disseminates knowledge in the sciences, technology, arts, humanities, and professions, while embracing a philosophy of learning strongly rooted in the traditions of the liberal arts and critical thinking. Founded in 1851, Florida State University is the oldest continuous site of higher education in Florida. FSU is a community steeped in tradition that fosters research and encourages creativity. At FSU, there's the excitement of being part of a vibrant academic and professional community, surrounded by people whose ideas are shaping tomorrow's news! Learn more about our university and campuses. FSU Total Rewards FSU offers a robust Total Rewards package. Visit our website to learn more about our Compensation, Benefits, Wellness, Recognition, and Employee Development programs. Use our interactive tool to calculate Total Compensation options based on potential salary, benefits and retirement contributions, earned leave, and other employment-related perks. How To Apply If qualified and interested in a specific job opening as advertised, apply to Florida State University at . If you are a current FSU employee, apply via myFSU > Self Service. Applicants are required to complete the online application with all applicable information. Applications must include all work history up to ten years, and education details even if attaching a resume. Considerations This is an A&P position. This position requires successful completion of a criminal history background check . Participation in an on-call rotation to provide after-hours support This position is open until filled. Equal Employment Opportunity FSU is an Equal Employment Opportunity Employer.
Job no: 493133 Work type: Full-Time Staff Location: Arnold/Main Campus Categories: Full-Time Staff Title: Senior Engineer - Infrastructure Department: Info Security & Infrastructure Campus Location: Arnold/Main Campus Salary Range: $110,590-$138,237 Work Mode: This position requires regular in-person presence on campus and at alternative locations, depending on class schedule and other assigned duties. Hours Per Week: 40 Work Schedule: Position Type: Full-Time Staff, Exempt Position Summary This position provides technical solutions in the design, implementation, management, administration and troubleshooting of the Enterprise-wide data network infrastructure/Hybrid Cloud environments. It requires the ability to analyze the needs of user departments and establish priorities for network design accordingly. This position is responsible for network design, hardware recommendation and implementation for all data infrastructure hardware and related software applications. The successful candidate will possess a high degree of experience and skill in managing the installation, testing, monitoring and maintenance of the data communications, wireless, and IP based services environment to include voice communications and security cameras. Information and Instructional Technology team members must be dedicated to fostering a culture of excellence. Successful candidates will help IIT build our culture by enabling frictionless service, valuing feedback, and embracing continuous improvement and learning. To support this foundation, IIT has established five pillars. These pillars create a collaborative, supportive, and inclusive professional culture. Successful candidates will be skilled technologists who value AACC's community and people. They will also be empathetic to the challenges faced by our students, faculty, and staff. Our Characteristics of Excellence are the guiding principles of our Division, empowering our teams to deliver exceptional results and drive success. Successful candidates will treat people with respect, dignity, and fairness, consistently delivering quality results and following through on commitments and responsibilities. They will cultivate teamwork and collaboration, embrace opportunities for improvement and innovation, and maintain open and honest communication with integrity. Additionally, they will appreciate the value of simple, efficient solutions, recognize the importance of building positive relationships, and respect others' time. Job Duties and Responsibilities Lead efforts to develop and implement comprehensive network infrastructure system designs that meet business requirements by utilizing technology in a cost effective and scalable manner. Provide design, configuration, implementation, monitoring, and support for enterprise/Hybrid network infrastructure (routers and switches) wireless, and video systems. Responsible for hands-on engineering activities to ensure the successful operation of a mission critical Hybrid network architecture spanning multiple data centers and sites. Leads efforts to define and execute ongoing network security, health maintenance plans, processes, procedures, documentation, and operations for the enterprise infrastructure system in accordance with industry standards and guidelines. Provide guidance and assistance to the IIT team in the implementation and administration of system monitoring tools. Monitor performance and tuning of key technology components for the college's network infrastructure; recommend changes or enhancements to resolve stability and performance issues based on findings. Maintain statistics on system performance and availability. Practice effective project management skills, including the ability to adequately manage assigned projects and report project progress and status. Lead projects to upgrade and/or expand the network including design, planning, testing, and implementation. Develop and maintain document repositories and architectural diagrams related to the installation, administration, maintenance, and use of systems. Strives to ensure solutions, systems, and content are secure, accessible, inclusive, and compliant with WCAG and other relevant standards. Continuously improves technical skills and knowledge. Documents and tracks service disruptions and requests in the appropriate systems and provides their supervisor with timely updates on project progress, status, and issues. Develop and maintain document repositories and architectural diagrams related to the installation, administration, maintenance, and use of systems. Plan and execute changes which impact the hybrid network infrastructure following established change management processes. Ensure planned testing activities are developed, documented, and executed. Troubleshoot incidents, identify root causes, fix and document problems, and implement preventive measures. Works to ensure availability of applications and services by monitoring systems and services used at all AACC locations. Assist the Director, Information Security & Infrastructure in the college-wide budget planning process to review and ensure new initiatives are properly vetted for technology needs. Support the development of SOW's, RFP's and RFQ's for Information and Instructional Technologies related technologies and maintenance while working very closely with the Purchasing department. Communicate with vendors, customers, management, and technology staff. Maintain expertise of current hybrid Cloud networking trends and provide guidance about direction of various hybrid Cloud networking technologies. Ensure that network infrastructure equipment is installed in dedicated spaces that are physically secure, provide stable temperature and humidity within equipment manufacturer's specified ranges, and have reliable Uninterruptible Power Supply (UPS) units capable of keeping equipment running during power outages of up to 30 minutes. Provides training and guidance to AACC staff and students to develop new technology skills. Required Qualifications: Bachelor's degree Minimum of five years of relevant experience Current industry standard Cloud related certification, i.e. Extreme ECNA, Aruba ACMA, ACMP or other industry recognized networking certification. Possess comprehensive knowledge of, and hands-on experience with Extreme Networks wired network infrastructure products and management software. Considerable experience with cloud (AWS, Azure) networking and/or security. Experience in designing, implementing, and maintaining complex Enterprise Wireless, Local Area Networks (LANs) & Wide Area Networks (WANs), Ethernet and Fiber Optic cabling infrastructures. Knowledge of dynamic routing protocols (RIP, BGP, EIGRP, OSPF, IGRP), IPSEC, wireless and TCP/IP protocols, switched Ethernet and VLAN technologies. Layer 2 and 3 LAN design and operation Preferred Qualifications: Certifications: Extreme Networks Associate, Specialist (ECS) or Professional (ECP) highly desired. However, other industry routing and switching certifications will be considered. Microsoft Azure Network Engineer Associate, or Microsoft Azure Solutions Architect Expert highly desired. However, other Cloud provider certifications will be considered. General Industry Experience: Extreme Networks Routers and Switches, Panduit Cable Management Systems, HPE/Aruba Wireless, FatPipe WAN Optimization and APC UPS experience highly desired. Anne Arundel Community College (AACC) is committed to enriching the educational experience it offers through the diversity of its faculty, administrators, and staff members. The college seeks to recruit and support a broadly diverse team who will contribute to the college's excellence, diversity of viewpoints and experiences, embrace concepts of equity and inclusiveness, and support the equal rights of all people by advancing the understanding and appreciation of differences including age, race, gender, ability, religious convictions, socio-economic status, ethnic heritage, or sexual orientation. While we appreciate your interest in employment with Anne Arundel Community College, applicants must be currently authorized to work in the U.S. on a full-time basis. Employment-based visa sponsorship (including H-1B sponsorship) is not available for any position. Pay dates occur on the 7th and 22nd of each month. If those dates fall on a weekend, the pay date occurs on the Friday prior to the 7th and 22nd. As an employee of the college, you are eligible for a comprehensive benefits package. In the best interest of the College, only individuals who are residents of Maryland or one of the following states will be eligible for employment at the college: Delaware, Pennsylvania, Virginia, West Virginia or the District of Columbia. The college will annually review this restriction and, if appropriate, expand the list of states of employment eligibility. Advertised: 03 Dec 2025 Eastern Standard Time Applications close: Whatsapp Facebook LinkedIn Email App if (typeof SocialShareKit != 'undefined') SocialShareKit.init( forceInit: true, reinitialize: true, selector: '.social-share-kit .ssk' );
01/14/2026
Full time
Job no: 493133 Work type: Full-Time Staff Location: Arnold/Main Campus Categories: Full-Time Staff Title: Senior Engineer - Infrastructure Department: Info Security & Infrastructure Campus Location: Arnold/Main Campus Salary Range: $110,590-$138,237 Work Mode: This position requires regular in-person presence on campus and at alternative locations, depending on class schedule and other assigned duties. Hours Per Week: 40 Work Schedule: Position Type: Full-Time Staff, Exempt Position Summary This position provides technical solutions in the design, implementation, management, administration and troubleshooting of the Enterprise-wide data network infrastructure/Hybrid Cloud environments. It requires the ability to analyze the needs of user departments and establish priorities for network design accordingly. This position is responsible for network design, hardware recommendation and implementation for all data infrastructure hardware and related software applications. The successful candidate will possess a high degree of experience and skill in managing the installation, testing, monitoring and maintenance of the data communications, wireless, and IP based services environment to include voice communications and security cameras. Information and Instructional Technology team members must be dedicated to fostering a culture of excellence. Successful candidates will help IIT build our culture by enabling frictionless service, valuing feedback, and embracing continuous improvement and learning. To support this foundation, IIT has established five pillars. These pillars create a collaborative, supportive, and inclusive professional culture. Successful candidates will be skilled technologists who value AACC's community and people. They will also be empathetic to the challenges faced by our students, faculty, and staff. Our Characteristics of Excellence are the guiding principles of our Division, empowering our teams to deliver exceptional results and drive success. Successful candidates will treat people with respect, dignity, and fairness, consistently delivering quality results and following through on commitments and responsibilities. They will cultivate teamwork and collaboration, embrace opportunities for improvement and innovation, and maintain open and honest communication with integrity. Additionally, they will appreciate the value of simple, efficient solutions, recognize the importance of building positive relationships, and respect others' time. Job Duties and Responsibilities Lead efforts to develop and implement comprehensive network infrastructure system designs that meet business requirements by utilizing technology in a cost effective and scalable manner. Provide design, configuration, implementation, monitoring, and support for enterprise/Hybrid network infrastructure (routers and switches) wireless, and video systems. Responsible for hands-on engineering activities to ensure the successful operation of a mission critical Hybrid network architecture spanning multiple data centers and sites. Leads efforts to define and execute ongoing network security, health maintenance plans, processes, procedures, documentation, and operations for the enterprise infrastructure system in accordance with industry standards and guidelines. Provide guidance and assistance to the IIT team in the implementation and administration of system monitoring tools. Monitor performance and tuning of key technology components for the college's network infrastructure; recommend changes or enhancements to resolve stability and performance issues based on findings. Maintain statistics on system performance and availability. Practice effective project management skills, including the ability to adequately manage assigned projects and report project progress and status. Lead projects to upgrade and/or expand the network including design, planning, testing, and implementation. Develop and maintain document repositories and architectural diagrams related to the installation, administration, maintenance, and use of systems. Strives to ensure solutions, systems, and content are secure, accessible, inclusive, and compliant with WCAG and other relevant standards. Continuously improves technical skills and knowledge. Documents and tracks service disruptions and requests in the appropriate systems and provides their supervisor with timely updates on project progress, status, and issues. Develop and maintain document repositories and architectural diagrams related to the installation, administration, maintenance, and use of systems. Plan and execute changes which impact the hybrid network infrastructure following established change management processes. Ensure planned testing activities are developed, documented, and executed. Troubleshoot incidents, identify root causes, fix and document problems, and implement preventive measures. Works to ensure availability of applications and services by monitoring systems and services used at all AACC locations. Assist the Director, Information Security & Infrastructure in the college-wide budget planning process to review and ensure new initiatives are properly vetted for technology needs. Support the development of SOW's, RFP's and RFQ's for Information and Instructional Technologies related technologies and maintenance while working very closely with the Purchasing department. Communicate with vendors, customers, management, and technology staff. Maintain expertise of current hybrid Cloud networking trends and provide guidance about direction of various hybrid Cloud networking technologies. Ensure that network infrastructure equipment is installed in dedicated spaces that are physically secure, provide stable temperature and humidity within equipment manufacturer's specified ranges, and have reliable Uninterruptible Power Supply (UPS) units capable of keeping equipment running during power outages of up to 30 minutes. Provides training and guidance to AACC staff and students to develop new technology skills. Required Qualifications: Bachelor's degree Minimum of five years of relevant experience Current industry standard Cloud related certification, i.e. Extreme ECNA, Aruba ACMA, ACMP or other industry recognized networking certification. Possess comprehensive knowledge of, and hands-on experience with Extreme Networks wired network infrastructure products and management software. Considerable experience with cloud (AWS, Azure) networking and/or security. Experience in designing, implementing, and maintaining complex Enterprise Wireless, Local Area Networks (LANs) & Wide Area Networks (WANs), Ethernet and Fiber Optic cabling infrastructures. Knowledge of dynamic routing protocols (RIP, BGP, EIGRP, OSPF, IGRP), IPSEC, wireless and TCP/IP protocols, switched Ethernet and VLAN technologies. Layer 2 and 3 LAN design and operation Preferred Qualifications: Certifications: Extreme Networks Associate, Specialist (ECS) or Professional (ECP) highly desired. However, other industry routing and switching certifications will be considered. Microsoft Azure Network Engineer Associate, or Microsoft Azure Solutions Architect Expert highly desired. However, other Cloud provider certifications will be considered. General Industry Experience: Extreme Networks Routers and Switches, Panduit Cable Management Systems, HPE/Aruba Wireless, FatPipe WAN Optimization and APC UPS experience highly desired. Anne Arundel Community College (AACC) is committed to enriching the educational experience it offers through the diversity of its faculty, administrators, and staff members. The college seeks to recruit and support a broadly diverse team who will contribute to the college's excellence, diversity of viewpoints and experiences, embrace concepts of equity and inclusiveness, and support the equal rights of all people by advancing the understanding and appreciation of differences including age, race, gender, ability, religious convictions, socio-economic status, ethnic heritage, or sexual orientation. While we appreciate your interest in employment with Anne Arundel Community College, applicants must be currently authorized to work in the U.S. on a full-time basis. Employment-based visa sponsorship (including H-1B sponsorship) is not available for any position. Pay dates occur on the 7th and 22nd of each month. If those dates fall on a weekend, the pay date occurs on the Friday prior to the 7th and 22nd. As an employee of the college, you are eligible for a comprehensive benefits package. In the best interest of the College, only individuals who are residents of Maryland or one of the following states will be eligible for employment at the college: Delaware, Pennsylvania, Virginia, West Virginia or the District of Columbia. The college will annually review this restriction and, if appropriate, expand the list of states of employment eligibility. Advertised: 03 Dec 2025 Eastern Standard Time Applications close: Whatsapp Facebook LinkedIn Email App if (typeof SocialShareKit != 'undefined') SocialShareKit.init( forceInit: true, reinitialize: true, selector: '.social-share-kit .ssk' );
FP&A transformation Design, build forecasting, reporting working with Jupiter notebooks dealing with millions of records expert Python skills AI good to have Cloud experience really good communication skills prefer Des Moines, ok with Boston 4 days onsite Investments good to have Trying to automate management reporting calculations Complete and attach to resume subs: Current Location and ability to meet location requirements Work Authorization status Availability to Start / upcoming vacations Interview Method Used (video or in-person only) prefer over telephone interview Technical Vetting Summary (if applicable who conducted it, what was assessed) Relevant Experience Overview (brief explanation of why the candidate is a strong fit) Resume Gaps or Job-Hopping Explanation Note any employment gaps and provide explanation if available) Call out any short stints, indicating whether the roles were contract or full time Motivation & Interest / Why the candidate is looking for a new opportunity Senior Developer FP&A Forecasting & Reporting POSITION OVERVIEW The Senior Developer role partners with the FP&A team and IT data team to design, build, and optimize the FP&A Forecasting and Reporting processes. This position will be accountable for developing and maintaining high-performance components, ensuring the processes scale effectively with complex calculations and large data volumes. You will be a key member of the FP&A Transformation, helping to build a calculation and forecast modeling platform to support a growing, high pace firm. You will act as a technical leader, bringing deep engineering expertise while working closely with FP&A, Investment, Actuarial and data specialists to ensure the processes deliver robust, efficient, and production-grade solutions. KEY RESPONSIBILITIES Platform Development & Optimization Lead the design, development, and optimization of core code base using Python and Python-based compute environments (e.g., Jupyter, VS Code, Databricks). Collaborate with FP&A and data teams to integrate FP&A forecasting models, analytics, and data pipelines. Ensure computational performance, scalability, and reliability across FP&A workloads. Drive technical innovation, including use of compute grids, data vectors, and AI-based methods where relevant. Collaboration & Support Partner with FP&A and external consultants to deliver performant model execution and tooling. Provide technical guidance on backlog items and requirements for IT Data and supporting teams. Serve as a senior escalation point for critical incidents, providing Tier-3 expertise when needed. Governance & Best Practices Establish and champion engineering standards, testing practices, and performance monitoring. Contribute to platform documentation, run books, and knowledge-sharing initiatives. Mentor junior developers and data engineers, raising engineering maturity across the team. Ensure ongoing maintenance, upgrades, and optimizations are delivered with minimal disruption. EDUCATION An undergraduate or advanced degree in Computer Science, Engineering, or related field (or equivalent combination of education and experience). SKILLS Expert Python skills with proven experience in building high-performance, data-intensive systems. Strong understanding of Life & Annuity data, financial models, or large-scale computational engines. Deep knowledge of data management and integration in hybrid cloud ecosystems (AWS / Snowflake). Hands-on experience with compute parallelization and performance optimization techniques. Excellent interpersonal and communication skills; ability to interface effectively with FP&A and program leadership stakeholders. Strong leadership qualities: mentoring, influencing, and guiding technical direction across teams. EXPERIENCE 10+ years in professional software engineering, with significant hands-on Python development. Demonstrated success building or maintaining financial modeling or large-scale computational systems. Experience working with investment banks and/or within life and annuity insurance domains is highly desirable. Proven track record in data-driven platforms, large-scale computation, or advanced analytics. Experience with DevOps practices and ability to explain them to business users. Desirable: Cloud ecosystem expertise (AWS, Azure, Redshift) Familiarity with AI/ML integration in computational systems Experience in data visualization and reporting
01/06/2026
Full time
FP&A transformation Design, build forecasting, reporting working with Jupiter notebooks dealing with millions of records expert Python skills AI good to have Cloud experience really good communication skills prefer Des Moines, ok with Boston 4 days onsite Investments good to have Trying to automate management reporting calculations Complete and attach to resume subs: Current Location and ability to meet location requirements Work Authorization status Availability to Start / upcoming vacations Interview Method Used (video or in-person only) prefer over telephone interview Technical Vetting Summary (if applicable who conducted it, what was assessed) Relevant Experience Overview (brief explanation of why the candidate is a strong fit) Resume Gaps or Job-Hopping Explanation Note any employment gaps and provide explanation if available) Call out any short stints, indicating whether the roles were contract or full time Motivation & Interest / Why the candidate is looking for a new opportunity Senior Developer FP&A Forecasting & Reporting POSITION OVERVIEW The Senior Developer role partners with the FP&A team and IT data team to design, build, and optimize the FP&A Forecasting and Reporting processes. This position will be accountable for developing and maintaining high-performance components, ensuring the processes scale effectively with complex calculations and large data volumes. You will be a key member of the FP&A Transformation, helping to build a calculation and forecast modeling platform to support a growing, high pace firm. You will act as a technical leader, bringing deep engineering expertise while working closely with FP&A, Investment, Actuarial and data specialists to ensure the processes deliver robust, efficient, and production-grade solutions. KEY RESPONSIBILITIES Platform Development & Optimization Lead the design, development, and optimization of core code base using Python and Python-based compute environments (e.g., Jupyter, VS Code, Databricks). Collaborate with FP&A and data teams to integrate FP&A forecasting models, analytics, and data pipelines. Ensure computational performance, scalability, and reliability across FP&A workloads. Drive technical innovation, including use of compute grids, data vectors, and AI-based methods where relevant. Collaboration & Support Partner with FP&A and external consultants to deliver performant model execution and tooling. Provide technical guidance on backlog items and requirements for IT Data and supporting teams. Serve as a senior escalation point for critical incidents, providing Tier-3 expertise when needed. Governance & Best Practices Establish and champion engineering standards, testing practices, and performance monitoring. Contribute to platform documentation, run books, and knowledge-sharing initiatives. Mentor junior developers and data engineers, raising engineering maturity across the team. Ensure ongoing maintenance, upgrades, and optimizations are delivered with minimal disruption. EDUCATION An undergraduate or advanced degree in Computer Science, Engineering, or related field (or equivalent combination of education and experience). SKILLS Expert Python skills with proven experience in building high-performance, data-intensive systems. Strong understanding of Life & Annuity data, financial models, or large-scale computational engines. Deep knowledge of data management and integration in hybrid cloud ecosystems (AWS / Snowflake). Hands-on experience with compute parallelization and performance optimization techniques. Excellent interpersonal and communication skills; ability to interface effectively with FP&A and program leadership stakeholders. Strong leadership qualities: mentoring, influencing, and guiding technical direction across teams. EXPERIENCE 10+ years in professional software engineering, with significant hands-on Python development. Demonstrated success building or maintaining financial modeling or large-scale computational systems. Experience working with investment banks and/or within life and annuity insurance domains is highly desirable. Proven track record in data-driven platforms, large-scale computation, or advanced analytics. Experience with DevOps practices and ability to explain them to business users. Desirable: Cloud ecosystem expertise (AWS, Azure, Redshift) Familiarity with AI/ML integration in computational systems Experience in data visualization and reporting
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details
12/17/2025
Full time
Senior Manager, Technology Change Risk Oversight Capital One is one of the fastest growing organizations in the world today, powered by our passion for our customers. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity, reliability, and managing technology risk. Technology Risk Management (TRM) is a small organization that packs a big punch. The 100 professionals in TRM are trusted experts who oversee 14,000 developers at Capital One. We raise the bar for excellence in cybersecurity, reliability, and tech risk. We shape strategy and decisions, challenge activities to ensure they meet our standards, and perform independent tests of our security and technology risk. Our business leaders must make technology decisions constantly. TRM makes sure they have the tech risk information they need to make good decisions. Associates within TRM are highly-skilled information security, cybersecurity, site reliability engineering, technology, and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results. As the Senior Manager, Technology Change Risk Oversight you will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of technology processes, controls, and capabilities, including but not limited to material and high risk technology changes. You will provide subject matter expertise, oversight, and effective challenge of key Technology areas such as cloud services, enterprise architecture, cloud migrations, and overall technology deployments. As part of the second line of defense, this position will also collaborate closely with associates in first line Cyber, Technology, the Lines of Business, as well as other second line of defense risk management offices to perform and support evaluations of the effectiveness of the firm's controls infrastructure and offer independent advice and recommendations regarding ways to further mature the firm's cyber risk management capabilities. Finally, as a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately. Essential Functions (Responsibilities): Provide technical leadership in assessing the practices of designing, developing, testing and implementing cloud native solutions to crucial business problems through thoughtful use of industry best practices and Capital One policy. Evaluate proposed and approved cloud technical solutions for automation, resiliency, performance, scalability, and security including appropriate tradeoffs, risks and opportunities Evaluate/assess complex technological and business environment migrations to the cloud and integrated end-to-end solution options Build and maintain relationships with technical leaders, business owners, engineers and other stakeholders to understand and evaluate implementation plans, business priorities and technical solutions to ensure risk are well communicated and understood by the key stakeholders Keep up-to-date on cutting edge technology, standards, protocols and tools in areas relevant to the rapidly changing environment at Capital One, specifically cloud native architecture, serverless, and emerging AWS services Demonstrate strong analytical, problem-solving, and decision-making skills Communicate and drive highly complex technology solutions to broad audiences including executives, business leaders, product managers, legal experts, security specialists and software engineers Define, structure and plan work independently Perform independent risk assessment of our cloud environment focusing on architecture, engineering, networking, governance. Provide expertise and advice regarding the effectiveness of device configurations, IT architecture, or IT engineering solutions Consult with risk owners on the design and implementation or adjustment of mitigating controls associated with emerging technologies Draft and publish independent reports for risk owners, senior management, and other stakeholders regarding risks associated with new or emerging technologies Basic Qualifications: Bachelor's Degree or military experience At least 6 years of experience managing, consulting, auditing, or working in the fields of information security or information technology At least 3 years experience with Public Cloud implementations Preferred Qualifications: Master's Degree in Computer Science or in an Engineering discipline Professional certification (AWS Certified Solutions Architect, AWS Certified Security Speciality, AWS SysOps Administrator, or Certified Information Systems Security Professional (CISSP Experience with Information Security at the policy, architecture or implementation level Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate to drive to consensus Experience with identifying and communicating key risks related to cloud native implementations and architectures Experience drafting reports or analytic assessments for senior management Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers Passion and expertise in cybersecurity and technology risk, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions Ability to manage multiple high-visibility and high-impact projects while maintaining superior results Execution oriented and a self-motivator Experience with threat modeling frameworks (STRIDE, OWASP Top 10, MITRE ATT&CK) Familiarity with controls and control frameworks ( NIST Cybersecurity Framework, NIST 800-53, CIS Top 20, ISO, COBIT.) Ability to work independently and in a team, taking a lead role on projects when necessary Prior experience working in financial services or other highly-regulated sectors Experience working in a hybrid IT environment that includes both traditional on-premises data centers and public cloud infrastructure (e.g., AWS, Azure, Google Cloud) Experience with OpenStack At this time, Capital One will not sponsor a new applicant for employment authorization for this position. This role is Hybrid, with associates expected to consistently spend three days per week in the office. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Riverwoods, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . click apply for full job details