Risk Manager - Enterprise Risk Management - Insider Threat Program

Capital One
  • Location
    McLean, Virginia
  • Sector
  • Experience
    Early Career
  • Posted
    Oct 18

Position description

At Capital One, we’re building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.                                               

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Role Description

Capital One’s Enterprise Risk Management (ERM) team plays a key and strategic role in the organization. This team is responsible for providing frameworks, tools, and methods to identify and manage risk; monitoring adherence with the Enterprise Risk Management Policy; analyzing, aggregating, and recommending risks for top risk designation for the Chief Risk Officer; managing processes and providing tools and policies for identification, aggregation, and mitigation of risks across all eight risk categories (Operational, Reputation, Strategic, Legal, Market, Liquidity, Compliance, Credit); and managing risk related to ERM owned horizontal functions on behalf of the enterprise.
ERM is currently leading several wide-ranging, cross-functional transformation initiatives.

ERM is looking for a Manager who will help identify and mitigate potential risks to Capital One by working to assist to develop and implement our Enterprise Insider Threat Program in partnership with key stakeholders across the company.

As a Manager within ERM, the ideal candidate will be highly motivated with excellent organizational and communication skills and serve as an interdepartmental liaison –collaborating effectively with stakeholders from across the organization, including Operational Risk Management, Compliance, Legal, Internal Audit, Regulatory Relations, Cyber, Tech, Human Resources, and the lines of business to achieve Capital One’s objectives.


- Assist Insider Threat management in creating, tracking, and reporting on Insider Threat
- Provide advice to Insider Threat Program components, as it relates to Insider Threat risk management; and communicate key Insider Threat trends and insights from the
enterprise level
- Provide credible challenge to the program components; independently monitor Insider
Threat Program elements; and, independently escalate Insider Threat risk management
gaps and issues to Insider Threat senior management
- Drive enhancements to the Enterprise Insider Threat Program through synthesizing
data, including open source and public records to create and present Insider Threat
briefings and reports
- Provide support to Insider Threat incident response and remediation activities, as
- Contribute to the development of materials for internal audits and regulatory exams

Capital One Confidential
- Contribute to, edit, and deliver presentations that aid in the design, development,
refinement, and execution of the Insider Threat Risk Management Program
- Perform initial analysis or potentially evaluate data to provide stakeholders with the
necessary information to assess risk
- Engage with stakeholders across all line of business and functional areas, to create
effective Insider Threat risk mitigation solutions
- Build and maintain relationships within industry of insider risk and risk management
- Coordinate and collaborate with the lines of business, Cyber, and other relevant
stakeholders to oversee remediation of identified risks and vulnerabilities


The Ideal Candidate will:
- Ability to conduct research and write analytical reports
- Ability to synthesize data, including open source and public records, to create and
present Insider Threat briefings and reports
- Ability to create, track, and report periodically on Insider Threat program metrics
- Be an analytical thinker and process oriented
- Be a highly motivated professional with excellent decision-making and communication
- Have experience in working with and handling sensitive materials
- Have a strong bias for action and a drive to get things done
- Be an effective storyteller
- Ability to collaborate across the enterprise, building relationships with key stakeholders
- Have experience working in the field of insider threat, internal fraud,
counterintelligence, national security, foreign policy, cyber security, or equivalent roles
- Demonstrate strong written and verbal communication skills

Basic Qualifications:
- Bachelor’s Degree or Military experience
- At least 1 year of risk management, insider threat, counterintelligence, cyber
security, law enforcement in the banking or financial services industry, or public sector consulting experience
- At least 1 year of experience working to detect and prevent insider threats or
experience supporting groups tasked with detecting and preventing insider threats
- At least 1 year of experience working with multiple departments or stakeholders within a large organization

Preferred Qualifications:
- At least 3 years of risk management, insider threat, counterintelligence, cyber, or similar experience in the Federal Government or consulting industry
- Demonstrated knowledge in security issues, vulnerabilities, regulatory and legal
changes, and security standards that may impact insider risks
- Demonstrated understanding of Insider Threat program management

Application instructions

Please be sure to indicate that you saw this position on Globaljobs.org

follow us on Twitter