Manager, Cyber Technical (Audits and Assessments)

Capital One

Location:
United States, McLean

Contract Type:
Not provided

Salary:
179400.00 - 245600.00 USD / Year

Job Description:

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security and Risk Management. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with technologies like Cloud services, Containers, Docker, Microservices, Serverless, APIs, DevOps and micro-segmentation. Security is essential to what we do here, from protecting our customers to our associates.

Job Responsibility:

  • Act as a central point of contact for your line of business to the rest of Capital One’s Information Security and Risk Management
  • Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management
  • Serve as an expert in Capital One’s Information Security capabilities, solutions, policies, procedures and standards
  • Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes
  • Escalate and manage cyber security risk
  • Provide ad hoc support on special Information Security hot topics for the business
  • Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment
  • Work with line of business leadership to anticipate their objectives and needs to better serve the line of business

Requirements:

  • High School Diploma, GED, or equivalent certification
  • At least 4 years of experience providing guidance and oversight of cybersecurity concepts
  • At least 3 years of experience performing security risk assessments and security architecture reviews
  • At least 3 years of experience with architecture design, software design, networking or Cloud infrastructure

Nice to have:

  • Bachelor’s Degree
  • 6+ years of experience with Architecture design, software design, networking or Cloud infrastructure
  • 4+ years of experience in securing a public cloud environment (AWS, GCP, or Azure)
  • 2+ years of experience utilizing Agile methodologies
  • 2+ years of experience in Enterprise Monitoring
  • 2+ years of experience with technologies supporting finance, fintech, banking, payment cards, or a related domain
  • 2+ years of experience with web and mobile application security, and solid understanding of the OWASP Top Ten
  • 2+ years of experience with security testing, such as penetration testing, red teaming, vulnerability scanning, SAST and DAST
  • 2+ years of scripting or programming experience (Python, SQL, PHP, PowerShell)
  • Professional certifications such as AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP)
  • 2+ years of experience with international regulatory cyber audits and assessments

What we offer:

  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being

Additional Information:

Job Posted:
January 25, 2026

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for Manager, Cyber Technical (Audits and Assessments)

Cyber Controls & Audit Expert

The business risk and audit function (BR&AF) provides assurance and recommendati...
Location:
India, Bangalore
Salary:
Not provided
Randstad
Expiration Date:
February 28, 2026
Requirements:
  • Minimum 8 years of relevant experience
  • Minimum master's degree in IT, business or economics, and related accreditation (e.g. CISA/CISM/CISSP)
  • Proven expertise on cyber security projects and processes (e.g. pentesting, SOC/CIM, IT vulnerability management)
  • Level BEC B1/B2 or higher Business English
  • Strong independent mindset
  • Experienced in international stakeholder management & change
  • Innovative thinker that challenges the status quo
  • Agile and flexible working style and passion for on the job coaching and development
  • Ability to translate profound technical knowledge on cyber into practice with a pragmatic mindset adjusting to technical and organizational developments
  • Ability to prepare audit planning and scoping on identified (cyber) risks & opportunities
Job Responsibility:
  • Provide management combined assurance, utilizing insights from enterprise risk management, internal control as well as internal audit, and create momentum within the company to strengthen the risk-control position related to our cyber and IT domain including processes such as SOC, SIM, IT and information security and cyber resilience
  • Coordinate, execute and report on the outcomes of risk management, internal control and internal audit in close collaboration with other involved and impacted functions within the group, such as IT
  • Support coaching & development for your team members with respect to cyber security and other technical expertise required within Risk & Audit
  • Support the planning, execution and reporting of the risk, internal control and internal audit activities in your domain to make impact
  • Travel: travelling is estimated to be about 20% to 30% of the job
  • Participate in risk assessments and assist in audit planning and scoping, such as: IT general controls, automated controls, RPA and IT projects
  • Perform IT controls/process audits on scope elements
  • For technical domains able to independently execute audits including: physical security, ethical hacking and technical validation of controls on multiple OSI layers
  • Support combined comfort analyses on maturity of IT general controls relevant domains
  • Fulltime

Operational Technology (OT) Cyber Security Engineer

The OT Cyber Security Engineer will contribute to the delivery of high-quality t...
Location:
United Kingdom, Stockton-on-Tees
Salary:
Not provided
Risktec Solutions
Expiration Date:
Until further notice
Requirements:
  • A relevant technical degree or equivalent industry experience in OT cybersecurity is desirable
  • Good working understanding of industrial control systems (DCS, SCADA, PLCs, etc.)
  • Prior experience in technical delivery roles, including hands-on involvement in a project delivery or client-facing setting, is desirable but not essential
  • Evidence of delivering high-quality technical work under supervision
  • Foundational knowledge of OT cybersecurity practices, frameworks, and regulations, such as IEC 62443, CAF, OG86, and NIS
  • Awareness of OT cybersecurity techniques and tools for compliance with national/international standards, contributing to effective technical solutions
  • Developing competency in performing assignments in areas such as: Supporting risk assessments and vulnerability analysis of OT environments
  • Assisting in asset inventory preparation and management for industrial control systems (ICS)
  • Conducting physical and standards-based site audits, aligned with international standards
  • Contributing to network diagram creation to improve system visibility and security
Job Responsibility:
  • Support risk assessments and create asset inventories for OT systems across client sites under supervision
  • Perform physical and standards-compliant site audits as directed by senior consultants or team leads
  • Assist in the creation, documentation, review, and validation of network diagrams and OT systems architecture
  • Support the review, development, and implementation of OT Cyber Security Management Systems (CSMS) in alignment with established frameworks and international standards
  • Collaborate with the OT Cyber Security team and other departments to deliver projects successfully, ensuring high-quality outputs
  • Prepare and deliver accurate and professional technical reports and documentation that meet client expectations and regulatory compliance
  • Stay informed of industry trends and emerging OT cybersecurity challenges, applying foundational knowledge to support team-directed initiatives
  • Interaction with customers to ensure TUV deliver a solution on time and to high quality
What we offer:
  • comprehensive training
  • flexible working
  • a great pay and benefits package
  • Fulltime

Third Party Cyber Security Assessor

HSBC's Global IT Organisation ranks among the largest technology functions world...
Location:
Poland
Salary:
Not provided
HSBC
Expiration Date:
February 24, 2026
Requirements:
  • 2+ years of experience in Cyber technical or specialist roles or similar experience
  • Strong knowledge and experience of IT systems and infrastructure and data security
  • Good understanding of service management principles
  • Experience in Third Party Security Assessment Process, control testing or audit disciplines
  • Relevant Cybersecurity certifications or knowledge is a plus
  • Genuine enthusiasm for cyber security and willingness to share knowledge, experience, technology resources, articles, and other inspiration with others
  • Strong communication skills in business English and German – both in verbal and written form
  • Experience in managing and influencing stakeholders from diverse backgrounds and cultures
Job Responsibility:
  • Complete cyber control assurance, security and risk assessments for third party engagements
  • Deliver all aspects of TPSA Service and Operation, ensuring efficient delivery and continuous improvement
  • Collaborate with HSBC Business and third-party stakeholders, TPSA region leads and TPSA Team members to meet defined SLAs
  • Ensure security assessments comply with relevant regulations, standards and internal controls
  • Communicate requirements and manage stakeholders effectively to deliver cyber outcomes
What we offer:
  • Annual performance-based bonus
  • Additional bonuses for recognition awards
  • Multisport card
  • Private medical care
  • Life insurance
  • One-time reimbursement of home office set-up (up to 800 PLN)
  • Corporate parties & events
  • CSR initiatives
  • Nursery discounts
  • Financial support with trainings and education
  • Fulltime

Risk Analyst

The Risk Analyst role at NTT DATA involves assessing and managing risks to ensur...
Location:
India, Hyderabad
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • 3 - 6 years of experience
  • Experience in Cyber Governance, Risk & Compliance (GRC) and Security Operations (SecOps) Management
  • Deep understanding of GRC frameworks and SecOps activities
  • Exposure to working in a Managed Services environment
  • Solid understanding and experience of Cyber Security controls in terms of people, process and technology
  • Proven experience with Cyber control metrics management
  • Exceptional communication and written skills
  • Technical and non-technical stakeholder engagement
  • Understanding of Cyber governance, Risk management, compliance frameworks such as NIST, ISO 27001, ISO 27035, SOC2
  • Strong and demonstrated experience in Information Security, with a focus on Cyber GRC and SecOps
Job Responsibility:
  • Assessing and managing risks to ensure the security, integrity, and resilience of the organization's operations and services
  • Identifying potential threats, analyzing vulnerabilities, and providing recommendations to mitigate risks
  • Proactive risk assessment and collaboration with cross-functional teams
  • Audit Management: Against security standards such as ISO 27001, SOC2 Type II and Client contract obligations
  • BCP/DR testing
  • Client Cyber Risk management
  • Contribution to Cyber security awareness training
  • Metrics Management: Assist stakeholders with security metrics reporting
  • Security Incident Response
  • Supply Chain Risk and Audit management
  • Fulltime

Cyber Security GRC Analyst

Making a meaningful difference with mission-critical software that empowers comm...
Location:
Australia, Melbourne; Sydney; Launceston
Salary:
Not provided
ReadyTech Group
Expiration Date:
February 26, 2026
Requirements:
  • Must be an Australian Citizen or Permanent Resident
  • Strong analytical, communication, and presentation skills
  • Ability to translate technical risks and controls into business-relevant language
  • Exceptional organizational and time management skills with a focus on meeting compliance deadlines
  • Demonstrated initiative, accountability, and stakeholder management across technical and non-technical teams
  • Deep understanding of security and risk frameworks, including IRAP, ASD ISM, PSPF, SOC 2 Trust Services Criteria, ISO 27001/27002, NIST CSF, and ITIL
  • Familiarity with GRC tools and platforms
  • Understanding of cloud and SaaS architectures, especially within Microsoft Azure environments
  • Awareness of relevant data privacy and protection regulations
  • Minimum 4+ years in information security, with 2+ years in a GRC, compliance, or audit coordination role
Job Responsibility:
  • Lead the implementation and continuous improvement of ReadyTech’s cyber security GRC framework aligned with IRAP, SOC 2, and ISO 27001 standards
  • Coordinate and manage external audits and assessments, ensuring audit readiness, evidence collection, and timely remediation of findings
  • Maintain and oversee the cyber risk register, including risk identification, analysis, treatment, and ongoing monitoring
  • Develop, update, and maintain information security policies, procedures, standards, and guidelines that reflect compliance requirements under IRAP, ISM, SOC 2, and related frameworks
  • Report and communicate cyber performance, compliance status, and risk indicators to executive and governance forums
  • Support the integration of compliance controls into IT and cloud environments to ensure secure-by-design operations
  • Promote a strong security and compliance culture through collaboration, education, and awareness initiatives across the business
  • Develop, maintain, and align ReadyTech’s information security policies and control library with ISM, IRAP, SOC 2, ISO 27001, and NIST frameworks
  • Map control requirements across frameworks to reduce duplication and simplify compliance activities
  • Ensure all policies and standards are reviewed, approved, and communicated to relevant stakeholders
What we offer:
  • A day off for your birthday
  • Additional 4 days of leave each year
  • ReadyTecher Awards each quarter with the chance to win flights and accommodation to Hamilton Island
  • Hybrid work, with in-house baristas in Australia via the Ready Beans team
  • Access to Sonder, a technology-driven platform supported by safety, medical and mental health experts, available 24/7
  • Paid parental leave
  • Additional paid leave for miscarriage, endometriosis and menopause
  • Volunteer leave
  • Flu vaccinations
  • ReadyTech merch drops
  • Fulltime

Manager, Risk Management Cyber Security

This role sits within the Second Line of Defence (2LOD) Risk function and provid...
Location:
United Kingdom, London
Salary:
Not provided
Mastercard
Expiration Date:
Until further notice
Requirements:
  • Professional cyber security certifications (e.g., CRISC, CISA, CISM, CISSP, ISO 27001 Lead Auditor) preferred
  • Knowledge of key cyber security relevant control domains, frameworks and standards (e.g., NIST, ISO27001, CSF, CRI, MITRE, etc.)
  • Strong understanding of risk management principles and the Three Lines of Defence model
  • Enthusiastic about cyber security including tracking industry trends and emerging risks
  • Experience of applying operational risk frameworks and understanding of risk assessment methodologies
  • Proven experience in Cyber Security risk and controls oversight within a financial institution or critical infrastructure environment
  • Ability to analyse complex data with attention to detail and articulate risk insights clearly to technical and non-technical audiences
  • Skilled in building trusted relationships with stakeholders at all levels
  • Highly organised, adaptable, and able to work independently with minimal supervision and as part of a team
  • Excellent written and verbal communication skills
Job Responsibility:
  • Provide second line expertise and challenge around all aspects of Cyber Security related risks
  • Support the Vocalink risk management approach and implemented policies and procedures to minimize Cyber Security risk exposure and drive robust controls
  • Support the implementation and embedding of the Enterprise Risk Management Framework for Cyber Security risk, ensuring completeness and accuracy of risk assessments, control standards, residual risk evaluations, and issue management
  • Partner with first line Cyber Security teams to promote balanced risk-taking and a strong risk culture
  • Represent Cyber Security risk at relevant committees and forums, deputising for the VP Risk Management when required
  • Provide clear and concise risk briefings to senior stakeholders, including the CRO, ensuring timely escalation of material risks and appetite breaches
  • Liaise with and support the risk and control owners to resolve any questions, queries and challenges relating to cyber security relevant certification and/or customer requirements, for example during an audit as well as in the pre- and post-audit stages
  • Fulltime

Cyber Assurance Manager

Role Overview Using a risk-led and threat-informed approach, this role will driv...
Location:
United Kingdom, England
Salary:
Not provided
Unilever
Expiration Date:
Until further notice
Requirements:
  • Significant experience in ITES industry, including experience in a senior Cyber Security or Information Security role
  • Strong experience in managing operational risks and controls, including end-to-end risk identification, assessment, and mitigation
  • Strong knowledge of enterprise cloud environments, with some hands-on experience using leading platforms such as Azure, GCP, AWS etc
  • Proven track record in Cyber Security, including cyber risk management and governance
  • Experience in IT & Cyber Automation, enabling real-time telemetry ingestion and correlation using APIs, data pipelines, or event hubs
  • Excellent strategic and operational business awareness, with deep understanding of digital business drivers and constraints
  • Strong communication skills and experience presenting to senior leaders
  • Knowledge of technical landscapes and experience delivering Cyber Security projects
  • Cybersecurity and resilience certifications such as Security+, CISA, CISM, CISSP (or equivalent), ISO22301, CBCP etc
Job Responsibility:
  • Drive periodic assurance activities in support of the Global Risk & Compliance (GRC) team, aligned with Unilever’s risk appetite
  • Assure compliance with Cyber Security policies, standards, and international regulations, while collating and reporting risks and metrics derived from these assurance activities
  • Oversee periodic assurance across all areas of the business globally, ensuring resilience and compliance in a rapidly evolving threat landscape
  • Work with Cyber Resilience Assurance and Cyber Production Assurance Lead Managers to deliver a comprehensive suite of assurance activities including: Cyber crisis response readiness/effectiveness, cyber resilience in Business Continuity Planning (BCP), IT/cloud resilience and data recovery assurance, continuous controls monitoring and reporting, Operational Technology (OT), Internet of Things (IoT) assurance, and AI assurance
  • Responsible for ensuring the assessment and effective reporting of Unilever’s compliance against Unilever’s standards and relevant global cyber regulations and best practices, enabling wider Risk and Compliance based insights
  • Develop, maintain, and manage assurance documentation, reports, and audit evidence to support compliance objectives
  • Conduct and support risk assessments, control validations, and compliance checks across cyber assurance initiatives
  • Design, track, and maintain key cyber assurance metrics for both Cyber Resilience and Production Assurance workstreams
  • Prepare and deliver executive-level reports summarizing the organization’s overall cyber assurance posture
  • Drive continuous improvement of assurance processes, frameworks, and methodologies to enhance resilience and compliance
  • Fulltime

Privileged Access Team Lead

IAM Technology is a global engineering and development team providing Identity a...
Location:
Poland
Salary:
Not provided
HSBC
Expiration Date:
February 07, 2026
Requirements:
  • 5 years+ experience working within a Cyber Security development team
  • In depth knowledge of DevOps life cycle management and implementation of automated release
  • Recent experience delivering significant service improvement of an in-house developed IT service including stakeholder engagement and relationship management
  • 3 years+ experience of managing people and teams, including goal setting and performance tracking
  • Extensive experience in working with internal and external audit, providing walkthroughs, reports and evidence
  • Championing of Agile methodology - either through owning scrum master or product owner role previously and ability to find innovative ways to manage workload across diverse teams
  • Strong background in service ownership, including managing crisis calls with root cause remediation plans, delivering major changes without service impact and maintaining high levels of service compliance
  • Positive approach to building strong and lasting relationships with key stakeholders to give a deep understanding of requirements we need to service.
Job Responsibility:
  • Further develop and mature a high performing development function able to service the needs of the existing and future in-house built PAM services
  • Bring deep understanding of development life cycle to influence architectural and design decisions in the team
  • Lead a function, including line management responsibilities
  • Define and optimise procedures to enhance team efficiency including managing performance improvement plans
  • Develop and manage major incident action plans, chair post-incident reviews, and drive improvement actions
  • Oversee significant changes, ensuring risk assessments are conducted and change management compliance is maintained
  • Represent changes in CAB meetings
  • Improve service health and resilience by implementing new ways of working and adoption of new technology
  • Lead risk management and present to senior stakeholders, as well as representing our in-house services to internal and external audit
  • Define and execute roadmaps and strategies
What we offer:
  • Competitive salary
  • Annual performance-based bonus
  • Additional bonuses for recognition awards
  • Multisport card
  • Private medical care
  • Life insurance
  • One-time reimbursement of home office set-up (up to 800 PLN)
  • Corporate parties & events
  • CSR initiatives
  • Nursery discounts
  • Fulltime