Global Payments Network Risk Program Manager

Capital One•McLean, VA

About The Position

Global Payments Network Risk Program Manager Capital One is one of the fastest growing organizations in the world today. The growth of the business is accelerated by leveraging innovative and emerging technologies. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years, fully exiting our data centers. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity and managing technology risk. Technology and Data Risk Management (TDRM) are trusted expert advisers who shape decisions, challenge activities to ensure they meet our standards, and generally oversee technology, data and information security risk across the business and the central technology organization. TDRM is a second line organization, which means it is independent and reports up through the Chief Enterprise Risk Officer. TDRM plays a critical role in ensuring that the company’s risk-taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions on the company at an enterprise level, and opportunities to reduce, mitigate or avoid the risks altogether. As a Manager, Risk Program Management on TDRM’s GPN advisory and oversight team, you will coordinate execution and create visibility for the team’s work drive execution, governance, and transparency across a complex portfolio of technology and cyber risk initiatives. Responsibilities include enabling actionable status reporting and tracking, driving capacity planning, and championing better agile use across the team establishing scalable program structures that enable effective oversight of risk assessments, remediation tracking, and portfolio health reporting This role will be responsible for developing tools/templates to help the team be more efficient in projecting and tracking their work, designing and maintaining portfolio governance tools, metrics, and operating mechanisms that strengthen risk visibility and forecasting accuracy, and leading the team to further levels of agile maturity within a second-line risk environment. As a member of a growing organization, you are expected to shape and further refine the GPN risk oversight team, and will have the opportunity to operate with both autonomy and empowerment from senior leadership. The demands and high-visibility nature of this position require an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately.

Requirements

Deep focus on execution, follow-through, accountability, and measurable risk outcomes
Strong communication to stakeholders at all levels across the company to enable transparency and timely information sharing
Proven critical thinking skills, including and the ability to express a point of view supported by data
Comfort raising concerns early and knows when to escalate, including the ability to raise issues and facilitate constructive problem solving at all levels of the organization
Ability to collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus, socialize strategy, and achieve objectives
Personal resilience - the ability to stay optimistic and keep people focused during times of change
Willingness to learn and an intellectual curiosity to better understand technology risk management processes to identify areas for improvement
Experience designing governance structures and operating models that tailor agile delivery methodologies to risk oversight and second-line advisory environments
Adept at providing structure and organization in a complex environment
A Bachelor’s degree or military experience
At least 5 years of experience managing technical programs or consulting engagements

Nice To Haves

5+ years of experience with Agile delivery
4+ years years experience delivering large and complex projects or managing operations
Experience in a technology or cybersecurity oversight function
Experience in enterprise risk frameworks and regulatory expectations in financial services
Experience building reporting dashboards and portfolio metrics within governance, risk, and compliance (GRC) platforms
Experience supporting or advising agile technology teams (Scrum, SAFe, Kanban)
Project Management Professional (PMP) certification, or Lean 6 Sigma certification

Responsibilities

Building relationships, collaborating, and communicating directly with practice leads and senior leaders to manage the intake, prioritization and strategic alignment of technology and data risk initiatives
Designing, developing, and managing risk portfolio governance processes, including capacity & demand views within a complex and dynamic environment to improve coverage transparency, dependency management, and risk prioritization
Partnering with agile teams to integrate risk oversight, assessment timing, and remediation tracking into sprint planning and quarterly delivery cycles
Partnering cross-functionally with team members and stakeholders to understand pain points and implement tailored process improvement solutions that address those pain points
Implementing, maintaining and providing key metrics that further inform the health of the portfolio and leadership decision making, including as the team’s champion for OKRs (Objectives and Key Results)
Streamline reporting against team objectives and KPIs (Key Performance Indicators) in monthly reports to senior leadership
Build and champion well-managed agile delivery practices that enable seamless flow of second-line risk advisory and assessment activities aligned to first-line technology delivery timelines
Partner with team members to ensure appropriate escalation when things are past due or there are obstacles, providing an early warning when things are off track
Establish a mechanism for operational continuous improvement (e.g., lessons learned)
Execute annual risk coverage planning aligned to enterprise risk priorities, regulatory expectations, and emerging technology risk themes
Lead a quarterly review of changes in risk factors that will drive prioritization decisions for the team