Senior Director, Information Security Officer (Global Payment Networks)

About This Role

Lead and manage the Global Payment Networks Information Security Office at Capital One, integrating cyber strategy, identifying and managing risk for business initiatives and technology platforms, and providing security expertise to executive leadership.

Responsibilities

• Lead a team of Product Security advisory professionals responsible for Divisional cyber strategy integration and execution
• Identify and manage risk for top business initiatives and technology platforms, threat and vulnerability management, incident management, supply chain cyber risk management, cyber risk oversight and reporting
• Deliver Cyber agenda and integrate Information Security within business objectives for the line of business area
• Serve as the central point of contact for line of business technology executives into Capital One’s Cyber risk management priorities
• Educate and influence executive leadership and associates to effectively leverage security capabilities and solutions to mitigate risks and emerging threats
• Provide security expertise on prioritizing and managing information security risks and initiatives
• Escalate and manage cyber security risk
• Provide regular updates to executive leadership with the line of business on the overall information security health and risk environment
• Work with business leadership to anticipate their objectives and needs to better serve them
• Advocate for security and business/digital innovation, fostering a culture that prioritizes cyber safeguards and business requirements
• Play a key leadership role within Cyber’s community of leaders, driving innovation and partnering with other Cyber and Technology organizations
• Build relationships and influence risk management functions across lines of defense
• Become knowledgeable and advise on Capital One’s Cyber’s services, policies, procedures and standards
• Stay current on the changing regulatory environment and understand the impacts to the organization
• Recruit, develop, and retain top talent, utilizing excellent people leadership skills
• Build your team to provide top-notch information security and risk management expertise and guidance

Requirements

• 9+ years of experience in Information Security
• 7+ years of experience in people management
• 5+ years of experience with cyber policies, standards, and procedures
• 5+ years of experience in securing public cloud environments and services (AWS, GCP, Azure)

Qualifications

• Bachelor's degree
• At least 9 years of experience in Information Security

Nice to Have

• Master's degree or PhD in Computer Science, Information Systems, or Engineering
• 10+ years experience in technology and cybersecurity risk
• 8+ years experience in leading applications security, vulnerability management and incident response
• 8+ years experience performing security risk assessments
• 5+ years experience working with industry frameworks and compliance requirements (NIST CSF, FFIEC CAT, CIS RAM, FAIR, PCI DSS)
• 3+ years experience with information technology audit or compliance management
• 2+ years experience utilizing agile methodologies within DevOps environments
• 4+ years experience in a regulated environment
• 2+ years experience in financial services industry

Skills

* Required skills

Benefits

Certifications