Manager, Cyber Technical (Audits and Assessments)

Capital One

Location:
United States, McLean

Contract Type:
Not provided

Salary:

179400.00 - 245600.00 USD / Year

Job Description:

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security and Risk Management. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with technologies like Cloud services, Containers, Docker, Microservices, Serverless, APIs, DevOps and micro-segmentation. Security is essential to what we do here, from protecting our customers to our associates.

Job Responsibility:

  • Act as a central point of contact for your line of business to the rest of Capital One’s Information Security and Risk Management
  • Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management
  • Serve as an expert in Capital One’s Information Security capabilities, solutions, policies, procedures and standards
  • Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes
  • Escalate and manage cyber security risk
  • Provide ad hoc support on special Information Security hot topics for the business
  • Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment
  • Work with line of business leadership to anticipate their objectives and needs to better serve the line of business

Requirements:

  • High School Diploma, GED, or equivalent certification
  • At least 4 years of experience providing guidance and oversight of cybersecurity concepts
  • At least 3 years of experience performing security risk assessments and security architecture reviews
  • At least 3 years of experience with architecture design, software design, networking or Cloud infrastructure

Nice to have:

  • Bachelor’s Degree
  • 6+ years of experience with Architecture design, software design, networking or Cloud infrastructure
  • 4+ years of experience in securing a public cloud environment (AWS, GCP, or Azure)
  • 2+ years of experience utilizing Agile methodologies
  • 2+ years of experience in Enterprise Monitoring
  • 2+ years of experience with technologies supporting finance, fintech, banking, payment cards, or a related domain
  • 2+ years of experience with web and mobile application security, and solid understanding of the OWASP Top Ten
  • 2+ years of experience with security testing, such as penetration testing, red teaming, vulnerability scanning, SAST and DAST
  • 2+ years of scripting or programming experience (Python, SQL, PHP, PowerShell)
  • Professional certifications such as AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP)
  • 2+ years of experience with international regulatory cyber audits and assessments

What we offer:

  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being

Additional Information:

Job Posted:
January 25, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Similar Jobs for Manager, Cyber Technical (Audits and Assessments)

Operational Technology (OT) Cyber Security Engineer

The OT Cyber Security Engineer will contribute to the delivery of high-quality t...
Location
United Kingdom, Stockton-on-Tees
Salary:
Not provided
Risktec Solutions
Expiration Date
Until further notice
Requirements
  • A relevant technical degree or equivalent industry experience in OT cybersecurity is desirable
  • Good working understanding of industrial control systems (DCS, SCADA, PLCs, etc.)
  • Prior experience in technical delivery roles, including hands-on involvement in a project delivery or client-facing setting, is desirable but not essential
  • Evidence of delivering high-quality technical work under supervision
  • Foundational knowledge of OT cybersecurity practices, frameworks, and regulations, such as IEC 62443, CAF, OG86, and NIS
  • Awareness of OT cybersecurity techniques and tools for compliance with national/international standards, contributing to effective technical solutions
  • Developing competency in performing assignments in areas such as: Supporting risk assessments and vulnerability analysis of OT environments
  • Assisting in asset inventory preparation and management for industrial control systems (ICS)
  • Conducting physical and standards-based site audits, aligned with international standards
  • Contributing to network diagram creation to improve system visibility and security
Job Responsibility
  • Support risk assessments and create asset inventories for OT systems across client sites under supervision
  • Perform physical and standards-compliant site audits as directed by senior consultants or team leads
  • Assist in the creation, documentation, review, and validation of network diagrams and OT systems architecture
  • Support the review, development, and implementation of OT Cyber Security Management Systems (CSMS) in alignment with established frameworks and international standards
  • Collaborate with the OT Cyber Security team and other departments to deliver projects successfully, ensuring high-quality outputs
  • Prepare and deliver accurate and professional technical reports and documentation that meet client expectations and regulatory compliance
  • Stay informed of industry trends and emerging OT cybersecurity challenges, applying foundational knowledge to support team-directed initiatives
  • Interaction with customers to ensure TUV deliver a solution on time and to high quality
What we offer
  • comprehensive training
  • flexible working
  • a great pay and benefits package
  • Fulltime

Risk Analyst

The Risk Analyst role at NTT DATA involves assessing and managing risks to ensur...
Location
India, Hyderabad
Salary:
Not provided
NTT DATA
Expiration Date
Until further notice
Requirements
  • 3 - 6 years of experience
  • Experience in Cyber Governance, Risk & Compliance (GRC) and Security Operations (SecOps) Management
  • Deep understanding of GRC frameworks and SecOps activities
  • Exposure to working in a Managed Services environment
  • Solid understanding and experience of Cyber Security controls in terms of people, process and technology
  • Proven experience with Cyber control metrics management
  • Exceptional communication and written skills
  • Technical and non-technical stakeholder engagement
  • Understanding of Cyber governance, Risk management, compliance frameworks such as NIST, ISO 27001, ISO 27035, SOC2
  • Strong and demonstrated experience in Information Security, with a focus on Cyber GRC and SecOps
Job Responsibility
  • Assessing and managing risks to ensure the security, integrity, and resilience of the organization's operations and services
  • Identifying potential threats, analyzing vulnerabilities, and providing recommendations to mitigate risks
  • Proactive risk assessment and collaboration with cross-functional teams
  • Audit Management: Against security standards such as ISO 27001, SOC2 Type II and Client contract obligations
  • BCP/DR testing
  • Client Cyber Risk management
  • Contribution to Cyber security awareness training
  • Metrics Management: Assist stakeholders with security metrics reporting
  • Security Incident Response
  • Supply Chain Risk and Audit management
  • Fulltime

Principal Specialist: IT Internal Audit

The Principal Specialist: Cyber Security Auditor will be responsible for providi...
Location
South Africa, Johannesburg
Salary:
Not provided
Vodafone
Expiration Date
March 19, 2026
Requirements
  • CEH or OSCP certification
  • Professional qualification strongly preferred: CISA, SSCP, CISSP, CISM, ISO27001 and CRISC or ITIL
  • Relevant IT bachelor's and/or postgraduate degree (e.g. BSc Computer Science, B.Com Informatics/B.Com Information Systems) or any other relevant qualification
  • Cyber security, either in an implementation, operations or assessment role: minimum 3 years
  • Internal or External Audit experience: minimum 3 years (advantage)
  • Telecommunications and financial services industry experience (advantage)
  • Experienced in the area of Cyber Security – either in an implementation, operation or assessment role
  • Technical knowledge of penetration testing, ethical hacking, and IT/information security/cyber security standards and frameworks such as ISO27001, NIST CSF and GITC
  • In depth hands-on experience with Vulnerability Scanning Tools like Qualys, Nessus or TVM
  • Experience supporting Vulnerability Management, DLP, WAF, EDR and other solutions
Job Responsibility
  • Lead the scoping, planning, delivery and reporting of cyber security audits in the Technology domain across all Vodacom Group in accordance with the Internal Audit methodology
  • Identify, develop, and document audit issues and recommendations using independent judgment concerning areas being reviewed
  • Document impactful audit reports
  • Perform technical audits on topics such as 5G, cloud, Internet-of-Things (IoT), Blockchain and other emerging technologies
  • Be the subject matter expert within the Technology domain in the areas of cyber security and ethical hacking
  • Incorporate the use of data analytics within the audit approach to increase the extent of assurance, quality of insight, and efficiency of our audits
  • Follow-up on outstanding cyber security audit actions
  • Support the EHOD: IT Internal Audit and peers, in delivery of audit plans by providing knowledge and expertise
  • Manage relationships with Technology Senior Stakeholder
  • Produce excellent quality audit work
What we offer
  • Enticing incentive programs and competitive benefit packages
  • Retirement funds, risk benefits, and medical aid benefits
  • Cell phone and data benefits, advantages fibre connection discounts, and exclusive staff discounts offered in collaboration with partner companies
  • Fulltime

BDO Digital Senior Cyber Analyst

We’re BDO. An accountancy and business advisory firm, providing the advice and s...
Location
United Kingdom, Birmingham
Salary:
Not provided
BDO UK LLP
Expiration Date
Until further notice
Requirements
  • Experience in IT security domains
  • Experience in performing IT security audits and/or control gap assessments against CIS Benchmarks and NIST
  • Certification, such as CISA preferred
  • Demonstrable interest, training, experience or certification (e.g. Security+, Network+, SSCP, CISSP) in cybersecurity is highly beneficial
  • Strong technical foundation to support the understanding of controls
  • Experience in cybersecurity, IT risk (consultancy experience) or regulatory landscape
  • Ability to meet project deadlines and manage multiple engagements
  • Strong analytical and problem-solving skills, with the ability to present information in a clear and concise manner
  • Ability to build strong relationships with clients
Job Responsibility
  • Manage risk for our clients to make them stronger for the future
  • Performing assessments of cybersecurity controls to guide clients on their level of cyber risk
  • Support technical engagement managers on cyber advisory services
  • Support the Cyber Management team as they look to develop the proposition and grow the business
  • Delivery of cyber engagements to help clients assess their cyber risk and support technical engagements
What we offer
  • Agile working
  • Programmes, resources, and frameworks that provide clarity and structure around career development
  • Informal success conversations to formal mentoring and coaching
  • State-of-the-art collaboration spaces in our offices
  • Multidisciplinary events and dedicated resources

Manager, Risk Management Cyber Security

This role sits within the Second Line of Defence (2LOD) Risk function and provid...
Location
United Kingdom, London
Salary:
Not provided
Mastercard
Expiration Date
Until further notice
Requirements
  • Professional cyber security certifications (e.g., CRISC, CISA, CISM, CISSP, ISO 27001 Lead Auditor) preferred
  • Knowledge of key cyber security relevant control domains, frameworks and standards (e.g., NIST, ISO27001, CSF, CRI, MITRE, etc.)
  • Strong understanding of risk management principles and the Three Lines of Defence model
  • Enthusiastic about cyber security including tracking industry trends and emerging risks
  • Experience of applying operational risk frameworks and understanding of risk assessment methodologies
  • Proven experience in Cyber Security risk and controls oversight within a financial institution or critical infrastructure environment
  • Ability to analyse complex data with attention to detail and articulate risk insights clearly to technical and non-technical audiences
  • Skilled in building trusted relationships with stakeholders at all levels
  • Highly organised, adaptable, and able to work independently with minimal supervision and as part of a team
  • Excellent written and verbal communication skills
Job Responsibility
  • Provide second line expertise and challenge around all aspects of Cyber Security related risks
  • Support the Vocalink risk management approach and implemented policies and procedures to minimize Cyber Security risk exposure and drive robust controls
  • Support the implementation and embedding of the Enterprise Risk Management Framework for Cyber Security risk, ensuring completeness and accuracy of risk assessments, control standards, residual risk evaluations, and issue management
  • Partner with first line Cyber Security teams to promote balanced risk-taking and a strong risk culture
  • Represent Cyber Security risk at relevant committees and forums, deputising for the VP Risk Management when required
  • Provide clear and concise risk briefings to senior stakeholders, including the CRO, ensuring timely escalation of material risks and appetite breaches
  • Liaise with and support the risk and control owners to resolve any questions, queries and challenges relating to cyber security relevant certification and/or customer requirements, for example during an audit as well as in the pre- and post-audit stages
  • Fulltime

AVP - Cyber Audit

Join us as an AVP - Cyber Audit, where you will play a crucial role in ensuring ...
Location
United States, New York; Whippany
Salary:
95000.00 - 150000.00 USD / Year
Barclays
Expiration Date
Until further notice
Requirements
  • Experience or familiarity with regulatory-driven audit environments
  • Proven experience leading audits or complex workstreams, not just executing testing
  • Experience auditing against industry frameworks and regulations
  • Strong understanding of: Cyber security control design and operating effectiveness
  • Threat vectors and attack techniques relevant to large financial institutions
  • How cyber risks manifest across infrastructure, applications, and third‑party ecosystems
  • Ability to translate technical issues into clear business risk
Job Responsibility
  • Audit development and delivery support, including financial statements, accounting practices, operational processes, IT systems and risk management
  • Identification of operational risks to support the delivery of the Barclays Internal Audit (BIA) Audit Plan through risk assessments
  • Assessment of internal control effectiveness and their capability to identify and mitigate risk aligned to regulatory requirements
  • Communication of key findings and recommendations to stakeholders, including the Audit Owner, senior managers and directors
  • Identification of regulatory news and industry trends/developments to provide timely insight and recommendations for best practice
What we offer
  • Medical, dental and vision coverage
  • 401(k)
  • life insurance
  • other paid leave for qualifying circumstances
  • incentive award eligibility
  • health and fitness centre
  • gym facilities
  • fitness classes
  • onsite parking
  • shuttle bus service
  • Fulltime

Information Security Integration and Governance Specialist

Within Airbus Defence and Space SAU, Corporate Security operates under a holisti...
Location
Spain, Getafe Area
Salary:
Not provided
Airbus
Expiration Date
Until further notice
Requirements
  • University degree in Computer Science, Engineering, Telecommunications, Information Systems, or a related field
  • Relevant industry certifications are highly valued (e.g. CISSP, CISM, CISA, ISO/IEC 27001 Lead Implementer/Auditor)
  • Deep understanding of risk analysis: proven experience leading and documenting comprehensive Information Security Risk Assessments (RAR) and defining effective mitigation strategies. Knowledge of MAGERIT and EBIOS methodologies and tools (Pilar / Fence)
  • Regulatory Compliance Mastery (ENS, CCN-STIC…)
  • Accreditation and Audit Management: extensive hands-on experience in managing security audits and supporting system accreditation/certification processes (e.g. ISO 27001, ENS compliance)
  • Penetration Test Coordination: experience coordinating penetration testing (overseeing the scope, evaluating technical results, and tracking remediation plans)
  • Security Architecture/Controls: solid understanding of technical security controls across network, system, and application layers, and the ability to interface with IT/DevOps teams
  • Security Project Management: Demonstrated ability to manage and deliver security implementation projects on time and within budget, translating high-level policy into actionable tasks
  • Deviation Management: experience defining, managing, and tracking security exceptions or deviations, including risk acceptance and compensating control documentation
  • Stakeholder communication: excellent written and verbal communication skills to effectively bridge the gap between Corporate Security management and IT operation teams
Job Responsibility
  • Strategic Interconnection: Act as the interface and point of contact between the Corporate Security area and the Digital area, translating security requirements into applicable technical solutions
  • Risk Management and Analysis: Lead the analysis, assessment, and treatment of security risks, identifying vulnerabilities and proposing countermeasures to mitigate the potential impact on company assets
  • Regulatory and Legal Compliance: Ensure strict knowledge of and compliance with applicable Spanish and international regulations (e.g. ENS, CCN-STIC, NIS2, CRA, ISO 27001, NATO, EU, PART-IS, CMMI, NIST), as well as actively participating in accreditation processes and system certification
  • Audit and Accreditation: Coordinate security audits (internal and external) and manage the necessary documentation and evidence for system accreditation processes
  • National networks: provide technical expertise and support to the Spanish NISO (National Information Security Officer) in evaluating and defining the security conditions required to answer the demands for different areas regarding interconnections and geographical extensions of our national network
  • Security Project Management: lead or participate in the management of key projects aimed at implementing, updating, or reinforcing security controls and tools
  • Deviation Management: administer and document the security deviation management process, evaluating its associated risk and establishing mitigation plans
  • Support the Spanish NISO in the implementation of the company digital security strategy within the framework of the national laws and regulations and in the implementation of technical and organization measures to identify, resort and manage cyber security risks
  • Fulltime

Cyber Assurance Manager

Role Overview Using a risk-led and threat-informed approach, this role will driv...
Location
United Kingdom, England
Salary:
Not provided
Unilever
Expiration Date
Until further notice
Requirements
  • Significant experience in ITES industry, including experience in a senior Cyber Security or Information Security role
  • Strong experience in managing operational risks and controls, including end-to-end risk identification, assessment, and mitigation
  • Strong knowledge of enterprise cloud environments, with some hands-on experience using leading platforms such as Azure, GCP, AWS etc
  • Proven track record in Cyber Security, including cyber risk management and governance
  • Experience in IT & Cyber Automation, enabling real-time telemetry ingestion and correlation using APIs, data pipelines, or event hubs
  • Excellent strategic and operational business awareness, with deep understanding of digital business drivers and constraints
  • Strong communication skills and experience presenting to senior leaders
  • Knowledge of technical landscapes and experience delivering Cyber Security projects
  • Cybersecurity and resilience certifications such as Security+, CISA, CISM, CISSP (or equivalent), ISO22301, CBCP etc
Job Responsibility
  • Drive periodic assurance activities in support of the Global Risk & Compliance (GRC) team, aligned with Unilever’s risk appetite
  • Assure compliance with Cyber Security policies, standards, and international regulations, while collating and reporting risks and metrics derived from these assurance activities
  • Oversee periodic assurance across all areas of the business globally, ensuring resilience and compliance in a rapidly evolving threat landscape
  • Work with Cyber Resilience Assurance and Cyber Production Assurance Lead Managers to deliver a comprehensive suite of assurance activities including: Cyber crisis response readiness/effectiveness, cyber resilience in Business Continuity Planning (BCP), IT/cloud resilience and data recovery assurance, continuous controls monitoring and reporting, Operational Technology (OT), Internet of Things (IoT) assurance, and AI assurance
  • Responsible for ensuring the assessment and effective reporting of Unilever’s compliance against Unilever’s standards and relevant global cyber regulations and best practices, enabling wider Risk and Compliance based insights
  • Develop, maintain, and manage assurance documentation, reports, and audit evidence to support compliance objectives
  • Conduct and support risk assessments, control validations, and compliance checks across cyber assurance initiatives
  • Design, track, and maintain key cyber assurance metrics for both Cyber Resilience and Production Assurance workstreams
  • Prepare and deliver executive-level reports summarizing the organization’s overall cyber assurance posture
  • Drive continuous improvement of assurance processes, frameworks, and methodologies to enhance resilience and compliance
  • Fulltime