Risk Manager, Endpoint Security
Capital One · Richmond, VA · 2 wk ago
Finance$197k–$225k/yrFull-time
Responsibilities
- Provide advisory, oversight, and effective challenge to the 1st Line of defense.
- Provide technical assessments of cybersecurity controls design and effectiveness.
- Draft assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed.
- Stay current on emerging cyber threats and potential implications to the firm.
- Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives.
- Coincordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups.
- Proven track record of leading, mentoring, and influencing others.
- Ability to communicate clearly in written and verbal form.
- Ability to manage multiple projects while maintaining superior results.
- Ability to work individually and cross-functionally.
- Execution oriented and a self-motivator.
- Bachelor’s degree or military experience
- At least 5 years of experience implementing endpoint detection and response (EDR) tools with anti-malware and anti-virus functionality
- At least 3 years of experience implementing application whitelisting technologies
- At least 3 years of experience implementing next-generation endpoint platforms such as virtual desktop infrastructure (VDI) or thin clients or thin platforms
- At least 3 years of experience implementing tools and processes that remove sensitive data off endpoints
- At least 3 years of experience with Mobile Device Management (MDM) or Mobile Application Management (MAM)
- At least 2 years of experience with Privileged Access Management (PAM) tools
- At least 2 years of consulting, audit, or risk management experience
- Familiarity with NIST Cybersecurity Framework controls, NIST 800-53, ISO 27000-1
- Cybersecurity certifications such as: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); or Certified in Risk and Information Systems Control (CRISC)
- Cloud certifications for Amazon Web Services (AWS) or Google Cloud Platform (GCP)