CrawlJobs Logo

Risk Manager, Endpoint Security

capitalone.com Logo

Capital One

Location Icon

Location:
United States , McLean

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

179400.00 - 245600.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

The Risk Manager, Endpoint Security represents a unique opportunity for those with hands-on cybersecurity technical and operational experience who have a desire to leverage and enhance that expertise in a risk management organization. This individual will have the ability to use technical skills and cyber subject matter expertise to provide effective oversight, credible challenge, and expert advice to help manage and control risk associated with cyber operations. This position will play a key and influential role in assessing and challenging cybersecurity capabilities and operational effectiveness to drive action against areas of risk and concern. This role will play a key role in the review, risk identification, risk assessment, reporting, and effective challenge of cybersecurity controls, operational capabilities, and associated processes. This individual will provide subject matter expertise and oversight and effective challenge of Capital One’s Endpoint Security domain. This domain includes the deployment and enablement of cyber capabilities for user endpoints and servers across physical and virtual environments.

Job Responsibility:

  • Provide advisory, oversight, and effective challenge to the 1st Line of defense
  • Provide technical assessments of cybersecurity controls design and effectiveness
  • Draft assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed
  • Stay current on emerging cyber threats and potential implications to the firm
  • Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives
  • Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups
  • Proven track record of leading, mentoring, and influencing others
  • Ability to communicate clearly in written and verbal form
  • Ability to manage multiple projects while maintaining superior results
  • Ability to work individually and cross-functionally
  • Execution oriented and a self-motivator

Requirements:

  • Bachelor’s degree or military experience
  • At least 5 years of experience implementing endpoint detection and response (EDR) tools with anti-malware and anti-virus functionality
  • At least 3 years of experience implementing application whitelisting technologies
  • At least 3 years of experience implementing next-generation endpoint platforms such as virtual desktop infrastructure (VDI) or thin clients or thin platforms
  • At least 3 years of experience implementing tools and processes that remove sensitive data off endpoints
  • At least 3 years of experience with Mobile Device Management (MDM) or Mobile Application Management (MAM)
  • At least 2 years of experience with Privileged Access Management (PAM) tools
  • At least 2 years of consulting, audit, or risk management experience

Nice to have:

  • Familiarity with NIST Cybersecurity Framework controls, NIST 800-53, ISO 27000-1
  • Cybersecurity certifications such as: Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • or Certified in Risk and Information Systems Control (CRISC)
  • Cloud certifications for Amazon Web Services (AWS) or Google Cloud Platform (GCP)
What we offer:
  • comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being
  • performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)

Additional Information:

Job Posted:
April 16, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Capital One - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Risk Manager, Endpoint Security

Information Security Manager

Cogoport is on a mission to bridge the $3.4 trillion Trade Knowledge and Executi...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
https://cogoport.com/ Logo
Cogoport
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in cybersecurity, risk management, and information security leadership
  • Bachelor's/master’s degree in computer science, Information Security, or a related field
  • Certifications: CISSP, CISM, CEH, or equivalent cybersecurity certifications (preferred)
  • Expertise in risk assessment, penetration testing, and vulnerability management
  • Hands-on experience with security tools such as SIEM (Splunk, IBM QRadar), endpoint protection, and cloud security solutions
  • Strong knowledge of zero-trust security models, identity and access management (IAM), and security operations (SOC)
  • Ability to effectively communicate security risks and strategies to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Develop and implement a comprehensive cybersecurity strategy aligned with Cogoport’s business objectives
  • Collaborating with senior leadership as the primary authority for all security-related matters
  • Oversee security governance and continuous security improvements across all business units
  • Identify, assess, and mitigate cybersecurity risks across applications, cloud infrastructure, and corporate systems
  • Conduct periodic security audits, risk assessments, and penetration testing to proactively address vulnerabilities
  • Ensure compliance with ISO 27001, GDPR, SOC 2, NIST, and other industry security frameworks
  • Develop, document, and maintain an incident response plan to manage and mitigate security breaches
  • Oversee the implementation and management of security technologies, including firewalls, IDS/IPS, SIEM, and endpoint protection
  • Monitor network traffic for anomalies and cyber threats, taking immediate action against security incidents
  • Lead incident detection, investigation, and response processes while minimizing business impact
  • Fulltime
Read More
Arrow Right

Security Governance Risk & Compliance (GRC) Analyst

Here at Virtru you’ll help build a cutting edge security compliance program alig...
Location
Location
United States , Washington, DC
Salary
Salary:
130000.00 - 180000.00 USD / Year
virtru.com Logo
Virtru
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of information security, IT audit and/or IT Risk Management, or GRC Analyst/Engineer experience
  • Deep understanding of at least few of the following: CMMC, NIST 800-53 & 800-171, FedRAMP, SOC 2, PCI, and/or other global privacy compliance frameworks
  • Technical acumen. Strong understanding of modern cloud technologies (AWS, GCP, Azure, etc.) and familiarity with GRC tools (Hyperproof, Vanta, Drata, etc) and SIEM tools (Datadog, Splunk)
  • You’re a relationship builder and have worked with both business and technical risk and understand how to translate risk to various levels of the organization
  • Have experience training and coaching teams to become better security and privacy practitioners
  • Like working on an autonomous agile team
  • Ability to resolve conflicts and drive issues to completion
  • Work independently with little or no supervision while maintaining a high level of efficiency
  • Hands on experience deploying and managing vulnerability scanning/cloud security posture management tools (Wiz, Prismacloud, etc.) to meet security compliance requirements
  • Real-world IR experience participating on security On-Call teams
Job Responsibility
Job Responsibility
  • Manage and implement complex controls frameworks for large systems, consisting of Cloud infrastructure and Software as a Service (SaaS) services (GCP, AWS, GitHub, Okta, etc)
  • Design and develop automation solutions for evidence collection across Cloud infrastructure, endpoints, and SaaS services
  • Conduct risk assessments across business units and processes. Identify risk findings and recommend remediation and risk mitigation strategies
  • Assist or implement automated controls to support risk mitigation efforts across various business units with stakeholders
  • Incorporate CMMC certification into Virtru’s slate of compliance assessments and ongoing monitoring activities (FedRAMP, SOC 2, PCI)
  • Facilitate the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
  • Participate in incident response (IR) activities, providing risk analysis and remediation support as needed
  • Enhance the team with your individualism, spirit, and love of learning
What we offer
What we offer
  • A Flexible PTO policy
  • A $1,500 annual Learning & Development Stipend
  • Frequent company-sponsored team celebrations
  • Access to an Employee Assistance Program
  • Access to Headspace, a mental health app
  • A flat 3% contribution to your retirement account
  • A high degree of flexibility
  • Competitive compensation
  • Generous parental, medical, and bereavement policies
  • 401K contribution and stock options
  • Fulltime
Read More
Arrow Right

Information Security Manager

The Information Security Manager for the KSA Business Unit will be responsible f...
Location
Location
Saudi Arabia , Khobar
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Security, Computer Science, or a related field
  • Professional certifications such as CISSP, CISM, CISA, or equivalent are highly preferred
  • Minimum of 7 years of experience in information security, with at least 3 years in a managerial role
  • Strong knowledge of KSA cybersecurity regulations, including NCA and SAMA frameworks
  • Experience in implementing and managing security controls, risk assessments, and incident response
  • Familiarity with international security standards (ISO 27001, NIST, etc.)
  • Excellent leadership, communication, and stakeholder management skills
  • Ability to work effectively in a regional and multicultural environment
Job Responsibility
Job Responsibility
  • Work closely with the Compliance function to ensure compliance with KSA cybersecurity regulations
  • Ensure adherence to and enforcement of Nextcare’s security policies and guidelines across the KSA business unit
  • Identify, assess, and mitigate security risks, ensuring appropriate controls are in place to protect sensitive information and IT infrastructure
  • Lead security incident response efforts, including investigation, containment, and reporting to relevant authorities
  • Promote cybersecurity awareness across the business unit and conduct training programs for employees
  • Assess and monitor security risks associated with vendors, partners, and third-party service providers
  • Act as the key liaison between the KSA business unit and the regional security team, providing reports on security posture, incidents, and compliance status
  • Oversee security operations, ensuring continuous monitoring, threat detection, and vulnerability management
  • Implement and manage security controls, including Antivirus & Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Proxy Solutions, Email Security, and other controls
  • Stay updated on the latest cybersecurity threats, trends, and industry best practices to strengthen the organization's security posture
  • Fulltime
Read More
Arrow Right

Security Principal

As a Security Principal, you'll play a critical role in protecting the integrity...
Location
Location
United States
Salary
Salary:
117500.00 - 270000.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in information security, Information Technology, Risk Management, or a related field (master's preferred)
  • Certifications such as CISM, CRISC, or similar preferred
  • 7+ years of experience in Information Security, IT Governance, or Risk Management
  • Hands-on experience in multiple technical security domains, such as: Endpoint protection, Identity and access management (IAM), Vulnerability management, Security logging and monitoring, Network segmentation and zoning, Cloud security controls, Incident detection and response
  • Demonstrated experience managing or governing secure environments, particularly in large or complex organizations
  • Deep understanding of information security principles, frameworks (e.g., NIST, ISO 27001), and regulatory requirements (e.g., GDPR, SOX)
Job Responsibility
Job Responsibility
  • Protecting the integrity of HPE’s labs and non-production environments
  • Ensuring environments are designed, operated, and decommissioned in alignment with security policies, risk frameworks, and regulatory obligations
  • Leading the security program's vision, execution, and ongoing evolution
  • Collaborating between business units, IT, and security
  • Embedding 'secure-by-design' principles in projects
  • Continuously improving governance processes
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

End Point Security Senior Engineer

Senior Engineer role focused on endpoint security implementation and maintenance...
Location
Location
India , Noida
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience with EDR/XDR platforms such as Microsoft Defender for Endpoint or Sentinel One
  • Familiarity with vulnerability management tools
  • Knowledge of endpoint technologies including BitLocker, Application control, Endpoint privilege management, Windows Defender Firewall
  • Understanding of endpoint threat intelligence and ability to analyze threat data
  • Scripting or automation experience using PowerShell or other scripting languages
  • Total Experience Expected: 02-06 years
  • B.tech/BE/BCA qualification
Job Responsibility
Job Responsibility
  • Implement and maintain endpoint security solutions such as EDR, antivirus, encryption, and application control tools
  • Monitor, analyze, and respond to security alerts and incidents originating from workstations and endpoints
  • Apply and manage workstation hardening standards, including adherence to security baselines
  • Conduct vulnerability assessments on endpoints and coordinate timely remediation activities
  • Manage patch deployment for operating systems and applications to ensure compliance with internal policies and reduce exposure to threats
  • Ensure endpoint systems comply with security policies, standards, and regulatory frameworks
  • Actively participate in incident response efforts related to endpoint breaches or malware incidents
  • Contribute to risk assessments and provide input during security architecture reviews related to endpoints
  • Maintain a strong understanding of Windows and macOS operating systems from a security perspective
  • Fulltime
Read More
Arrow Right

IT Infrastructure & Security Manager

The IT Infrastructure and Security Manager is responsible for leading the design...
Location
Location
United States , New York City
Salary
Salary:
Not provided
1440foods.com Logo
1440 Foods Manufacturing
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep understanding of IT infrastructure, networking protocols, server architecture, and cloud platforms (e.g., AWS, Azure)
  • Strong knowledge of network security tools, techniques, and frameworks (ISO 27001, NIST, HIPAA, etc.)
  • Excellent leadership, communication, and cross-functional collaboration skills
  • Ability to document and communicate complex technical concepts to non-technical stakeholders
  • Bachelor's degree in Computer Science, Information Technology, or a related field (Master’s preferred)
  • 7+ years of experience in IT infrastructure and network management, with at least 3 years in a leadership role
  • Hands-on experience with Cisco, Meraki, Juniper, or similar technologies
  • Experience managing security in both IT and OT environments
  • Experience leading or participating in risk assessments, business continuity planning, and infrastructure scaling.
Job Responsibility
Job Responsibility
  • Oversee the planning, deployment, and maintenance of IT infrastructure, including servers, storage, cloud platforms, and virtualization
  • Manage and optimize network systems such as LAN, WAN, VPN, and wireless networks
  • Ensure cybersecurity across all IT and OT environments, including implementation of firewalls, intrusion detection systems, and endpoint protection
  • Lead a team of infrastructure and network engineers, providing support and strategic direction
  • Collaborate with automation engineers, plant operators, and cybersecurity personnel to align network design with operational requirements
  • Implement secure remote access solutions for OT systems using VPNs, jump servers, and role-based access controls
  • Develop and maintain network documentation, change management processes, and disaster recovery/business continuity plans
  • Drive risk assessments, enforce network segmentation strategies (e.g., Purdue Model), and ensure compliance with industry standards and regulatory requirements
  • Support internal projects and strategic initiatives that require IT infrastructure expertise
  • Monitor system and network performance, troubleshoot issues, and identify opportunities for improvement.
What we offer
What we offer
  • Opportunity to lead a critical function in a growing mid-size CPG company
  • Collaborative and entrepreneurial work culture
  • Competitive compensation and benefits package
  • Career development and growth opportunities
  • Fulltime
Read More
Arrow Right

Technology Services Engineer – Endpoint Protection

Immediate need for an Endpoint Protection Tech Services Engineer to work with a ...
Location
Location
United States , Alpharetta, Georgia
Salary
Salary:
Not provided
tier4group.com Logo
Tier4 Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years in an MSP or multi-tenant environment focused on endpoint security and patch management
  • Hands-on expertise with device management tools
  • Operational experience with EDR/XDR and vulnerability tools for Endpoints including policy tuning, incident handling, and containment
  • Intermediate PowerShell for automation and reporting
  • Solid fundamentals in Windows endpoint administration, AD/Entra device compliance, networking basics and change management
  • Clear, concise communication: comfortable leading client-facing security reviews and incident updates
Job Responsibility
Job Responsibility
  • Patch management at scale: Build ringed deployment strategies, pilots, and phased rollouts
  • schedule maintenance windows
  • handle approvals/rollback
  • track patch compliance SLAs across Windows (and macOS where applicable) via various ITSM tools
  • Application & driver updates: Package, test, and deploy third-party updates (e.g., browsers, runtimes)
  • manage superdense and compatibility issues
  • EDR/XDR operations: Deploy and maintain EDR/XDR
  • configure policies, prevention/visibility settings, exclusions, device control, and rules
  • monitor detections and contain/isolate endpoints
  • Threat hunting & investigations: Use ITSM tools (Advanced Hunting / KQL) to identify IOCs, suspicious behaviors, lateral movement, and persistence
What we offer
What we offer
  • Competitive salary
  • comprehensive benefits (medical, dental, vision, life, disability, 401(k) match)
  • robust PTO
  • Impactful work: your projects directly support the systems that power healthcare delivery
  • Close collaboration with experienced engineers and IT leaders across infrastructure, cloud, and security
  • Opportunity to shape and scale project delivery practices in a growing MSP environment
  • Fulltime
Read More
Arrow Right

Digital Workplace Engineer

The Digital Workplace team strives to enable every PPRO colleague to do their be...
Location
Location
Germany , Munich
Salary
Salary:
Not provided
ppro.com Logo
PPRO GmbH
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Excellent proficiency in English, spoken and written
  • 4+ years in Endpoint Management or infrastructure software engineering
  • Software engineering background and mindset
  • UEM Expertise: Deep architectural and administrative experience with Omnissa Workspace ONE suite or alternatives (Microsoft Intune, JAMF)
  • ZTD Proficiency: Expert knowledge of Zero Touch Deployment methodologies and processes (e.g., ABM, Autopilot)
  • Security Focus: Proven ability to implement and manage endpoint security policies across platforms and solutions especially, DLP, Conditional Access, patch management and device compliance against regulatory standards
  • Excellent skills in common operating systems, Windows, MacOS, iOS and Android
  • Familiarity with remote desktop applications and servicedesk software
  • Expertise in troubleshooting techniques and logical problem-solving
  • Outcome-oriented, collaboratively spirited, and dedicated to continuous improvement
Job Responsibility
Job Responsibility
  • Design, implement, and maintain PPRO’s UEM solution Omnissa (former VMware) Workspace ONE for all endpoints (macOS, Windows, iOS and Android), serving as the definitive subject matter expert
  • Work with stakeholders and the team to collect and analyse business requirements, prioritise the backlog, design and implement solutions
  • Design and implement PPRO application catalogue, ensure good coverage and efficient access
  • Enable colleagues, and PPRO partners to efficiently access to PPRO information and services utilising BYOD solutions
  • Drive and perfect Zero Touch Deployment (ZTD) using Apple Business Manager (ABM) and Windows Autopilot for seamless employee onboarding
  • Leverage AI-ded and agentic software engineering frameworks to develop complex automation scripts, manage configurations, and policies application
  • Refine the full device and employee lifecycle, from new hires to off-boarding, leveraging Omnissa Intelligence to proactively manage our colleague device experience
  • Compliment PPRO’s Okta RBAC using Workspace ONE to tailor and configure applications and policies applicable to the colleagues needs
  • Work with the Security team to prioritise risk reduction measures which includes: endpoint and application vulnerability management, data loss prevention (DLP), compliance with information security frameworks, including ISO 27001, DORA, and SOC2, ensuring consistent policy enforcement and audibility
  • Continue to refine and enhance Workspace ONE with key security technologies like Okta Device Trust and CrowdStrike Zero Trust Assessment (ZTA)
What we offer
What we offer
  • Hybrid working
  • 30-day holiday allowance
  • work from abroad policy, enabling employees to work remotely for up to another 30 days per year
  • €1,000 annual budget for professional growth
  • leadership cafés, on-the-job training
  • accident insurance
  • disability insurance
  • direct insurance (bAV)
  • travel insurance
  • enhanced family leave
  • Fulltime
Read More
Arrow Right