Senior Manager, Global Trade Compliance (ES Risk)

Capital One is one of today's fastest growing organizations in the world. As a Senior Manager for Global Trade Compliance (GTC) in Enterprise Services (ES) Risk, you will play a pivotal role developing and driving our international risk management agenda—from day one. Teamwork is at the heart of our innovation, and we empower each other to think big. We welcome diverse perspectives and experiences as we reshape the financial industry.

The Senior Manager for GTC will support the ES Risk office in Capital One's first line of defense and implement high-priority, enterprise-level, technology and cybersecurity risk management initiatives related to international operations. Successful candidates will demonstrate ingenuity, a proven track record of project and program management, policy and regulatory acumen, change resiliency, and strong communication skills to influence and partner with stakeholders across the Tech community.

In this position, you will help lead international risk management functions for ES. This includes mastering a dynamic regulatory environment, implementing and enhancing appropriate risk management processes across Capital One, driving project and program delivery, and influencing outcomes that support our company's international risk strategy. You will collaborate closely with associates and senior leaders across all lines of defense, lines of business, and other risk management teams to support this work.

This role requires an expert with a proven ability to work both independently and collaboratively in a fast-paced environment and who can begin contributing immediately. This role will be responsible for partnering with teams to develop and manage best-in-class industry risk solutions in a manner that supports innovation and protects our customers, shareholders and associates.

Responsibilities:

• Provide expert advice and thought leadership at the nexus of technology, cybersecurity, risk management, and international operations, particularly in the areas of technology development, production, and transfer related to affiliates and third parties abroad.
• Drive collaboration across first-line-of-defense Technology and Cyber teams, Compliance, Legal, second-line risk organizations, and other lines of business to design, cultivate, and implement effective processes in furtherance of US export control activities and other trade compliance requirements as defined by applicable laws and regulations.
• Lead the integration, refinement, and management of procedures incorporating export control governance through technology development, supplier management, and other enterprise operations that streamline international business opportunities at launch.
• Conduct program- and process-level risk assessments to identify international risks and mitigation plans based on industry standards and best practices in alignment with Capital One's strategic risk direction.
• Drive program delivery, including project and data management; risk reporting; engagement with leadership; the drafting of material for presentation to senior management; and records keeping.
• Build successful relationships with Tech and other team members to understand the impact of technology risk on critical international business processes.
• Monitor and provide expert advice in areas of information security, emerging technology, associated regulations, and potential implications to the company.
• Draft, coordinate, and deliver written products that contribute to the development of strong policies, standards, procedures, guidelines, tools, templates, and job aides in furtherance of global trade compliance activities and risk methodology.
• Support direction, manage expectations, advance continuous process improvement, and lead cross-functional teams and risk forums through various initiatives, including oversight of third-party resources.
• Support interactions with internal audit and regulatory agencies related to our work, as applicable.
• Support the ES Risk organization by implementing new and innovative ideas, and support special projects for the team, as needed.

Basic Qualifications:

• Bachelor's Degree or military experience.
• At least 5 years experience in cyber risk management, information technology, tech risk management, or technology audit—or a combination of these.
• At least 5 years of national security, technology industry, or financial services industry experience.
• At least 5 years experience planning and leading risk assessments and audits.
• At least 5 years experience in project, risk program, or process management.
• At least 3 years experience consulting with executives or in enterprise strategy and policy development.

Preferred Qualifications:

• 6+ years experience performing information security or technology risk identification, assessments, and controls governance for digital products and services.
• 5+ years experience performing data analysis in support of internal risk assessments, control design, and operating effectiveness associated with new or change-driven initiatives.
• 5+ years experience in setting direction, managing, and leading cross-functional programs and projects.
• 3+ years experience performing data analysis in support of cybersecurity assessments and control design in a cloud environment (preferably Amazon Web Services (AWS))
• Familiarity with regulatory practices and direct work experience in cryptography and the application of encryption-related technologies.
• Excellent verbal presentation and written communication skills to confidently interact at all levels of the organization (e.g., technology/cyber organizations, enterprise business stakeholders, and senior leadership).
• Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), AWS Security certification, or other Industry Risk Professional Certification.
• Project Management (PMP) or Program Management (PgMP) certification.
• Certifications in AWS, Google Cloud Platform (GCP), and Azure
• Strong proficiency with Google Workspace is a plus.
• Background with a 'Big 4' consulting firm or with the Federal Government.