Manager, DevOps Technology Risk Oversight
Company: Capital One
Location: Middletown
Posted on: May 14, 2022
|
|
Job Description:
West Creek 3 (12073), United States of America, Richmond,
Virginia
Manager, DevOps Technology Risk Oversight
Capital One is one of the fastest growing organizations in the
world today. The growth of the business is being accelerated by
leveraging innovative and emerging technologies. We are serious
about technology, we dream big, and we execute: Capital One moved
our entire enterprise to the public cloud over the course of five
years, fully exiting our data centers. Just as we prioritize
driving innovation through technology, we equally prioritize
cybersecurity and managing technology risk. Technology Risk
Management (TRM) is a small organization that packs a big punch.
The roughly seventy professionals in TRM are trusted expert
advisers who shape decisions, challenge activities to ensure they
meet our standards, and generally oversee technology and
information security risk across the business and the central
technology organization. TRM is a second line organization, which
means it is independent and does not sit within the technology
organization.
TRM plays a critical role in ensuring that the company's
risk-taking entities are aware of the risks inherent in their
activities and decisions, the impact of their actions on the
company at an enterprise level, and opportunities to reduce,
mitigate or avoid the risks altogether. Associates within TRM are
highly-skilled information security, cybersecurity, site
reliability engineering, technology, and risk management
professionals who have a wealth of experience and a demonstrated
ability to provide value added recommendations and deliver
high-impact results in their areas of expertise.
This position - Manager, DevOps Technology Risk Oversight - will
play a key role in the review, risk identification, risk
assessment, reporting, and effective challenge of processes,
controls, and capabilities in the software reliability and
resiliency Risk domain. This individual will provide subject matter
expertise, oversight, and effective challenge of key Technology
Risks as it relates to infrastructure as code, automation, As part
of the second line of defense, this position will also collaborate
closely with associates in first line Resiliency and Reliability
teams, Enterprise Architects, other Lines of Business, as well as
other second line of defense risk management offices to perform and
support evaluations of the effectiveness of the firm's controls
infrastructure and offer independent advice and recommendations
regarding ways to further mature the firm's technology risk
management capabilities.
As a member of a growing organization, you will have the
opportunity to shape and further refine your portfolio commensurate
with the priorities of the organization and the firm. The position
affords opportunities for substantial growth and development
opportunities. The demands and high-visibility nature of this
position require an expert with a proven ability to work
independently in a fast-paced environment and who can begin
contributing immediately.
Essential Functions (Responsibilities):
Play a lead role in identifying areas of DevOps technology risk to
provide oversight, analysis, effective challenge, and risk-informed
recommendations and expertise.
Provide technical assessments of DevOps, cloud cybersecurity and
technology capabilities.
Identify and develop new DevOps technology risk assessment
methodologies to enhance the assessment process.
Draft assessments for senior management and other stakeholders, to
include regulatory agencies and the Board of Directors, as
needed.
Stay current on emerging cyber threats and potential implications
to the firm.
Collaborate effectively with colleagues, stakeholders, and leaders
across multiple organizations to achieve objectives.
Coordinate program-related activities and deliverables to ensure
effective collaboration within the team and across stakeholder
groups.
Tracking and monitoring of risk mitigation plans.
Responsible for establishing strong working relationships with
first, second, and third line functions in the implementation,
monitoring, and reporting of risk remediation programs and
processes and to establish and/or improve engagement and
interaction models.
Actively identify emerging risks through technology self-assessment
testing, and BAU meetings/discussions. Escalate operational risk
events as appropriate.
Engage with application owners and management team to define
corrective action plans, and monitor progress to ensure issues and
initiatives are addressed timely.
Basic Qualifications:
A bachelor's degree or military experience
At least 4 years of experience as a software engineer or Site
Reliability Engineer or System administrator
At least 4 years of experience consulting, or auditing, or working
in the fields of information security or information technology
At least 2 years hands on experience with Continuous Integration
(CI) and Continuous Delivery (CD) tools such as Jenkins, or Bamboo,
or Terraform, or CloudFormation, or Grafana, or Prometheus
At least 1 year of experience drafting reports or analytic
assessments for senior management
Preferred Qualifications:
Professional certification: AWS Certified Cloud Practitioner, AWS
Certified Solutions Architect, AWS Certified Security Speciality,
AWS Certified Developer, or AWS SysOps Administrator
Experience with Configuration Management platforms such as Chef or
Puppet or Ansible
Experience with build automation and integration tools such as
Jenkins or Maven
Strong knowledge of software development methodologies and the
software development lifecycle
Strong understanding of Agile models and methodology
Strong knowledge of risk management methods, standards, processes,
governance models, and industry standard risk analysis
approach.
Ability to identify efficiencies and opportunities to automate how
our team provides effective oversight and challenge
Ability to work cross-functionally, individually, and to lead work
among a team
Ability to communicate clearly and to interact effectively at all
levels of the organization, and to influence as warranted and
appropriate to drive to consensus
Execution oriented and a self-motivator
Passion and expertise in cloud and modern technology trends with an
ability to be confident, respectful, and articulate when
registering dissenting or unpopular opinions
Ability to manage multiple high-visibility and high-impact projects
while maintaining superior result
Prior experience working in financial services or other
highly-regulated sectors
Excellent verbal and written communication skills
At this time, Capital One will not sponsor a new applicant for
employment authorization for this position.
No agencies please. Capital One is an Equal Opportunity Employer
committed to diversity and inclusion in the workplace. All
qualified applicants will receive consideration for employment
without regard to sex, race, color, age, national origin, religion,
physical and mental disability, genetic information, marital
status, sexual orientation, gender identity/assignment,
citizenship, pregnancy or maternity, protected veteran status, or
any other status prohibited by applicable national, federal, state
or local law. Capital One promotes a drug-free workplace. Capital
One will consider for employment qualified applicants with a
criminal history in a manner consistent with the requirements of
applicable laws regarding criminal background inquiries, including,
to the extent applicable, Article 23-A of the New York Correction
Law; San Francisco, California Police Code Article 49, Sections
4901-4920; New York City's Fair Chance Act; Philadelphia's Fair
Criminal Records Screening Act; and other applicable federal,
state, and local laws and regulations regarding criminal background
inquiries.
If you have visited our website in search of information on
employment opportunities or to apply for a position, and you
require an accommodation, please contact Capital One Recruiting at
1-800-304-9102 or via email at
RecruitingAccommodation@capitalone.com. All information you provide
will be kept confidential and will be used only to the extent
required to provide needed reasonable accommodations.
For technical support or questions about Capital Ones recruiting
process, please send an email to Careers@capitalone.com
Capital One does not provide, endorse nor guarantee and is not
liable for third-party products, services, educational tools or
other information available through this site.
Capital One Financial is made up of several different entities.
Please note that any position posted in Canada is for Capital One
Canada, any position posted in the United Kingdom is for Capital
One Europe and any position posted in the Philippines is for
Capital One Philippines Service Corp. (COPSSC).
Keywords: Capital One, Middletown , Manager, DevOps Technology Risk Oversight, IT / Software / Systems , Middletown, Connecticut
Click
here to apply!
|