Play a key role evolving our data, technology, and information security policies, standards, and procedures (PSPs)
Includes annual updates to our PSPs, developing new PSPs on an as-needed basis, and partnering with subject matter experts across TDRM to draft policy-level requirements
Engage with stakeholders across the first and second lines of defense as part of the PSP process and apply a customer-focus perspective.
PSPs renewals are delivered on-time, meeting our high bar for quality
TDRM owns a greater share of requirements in the policies we own
TDRM shapes and influences first line owned PSPs through advisory engagement
Stakeholder feedback is considered and incorporated throughout the process
Our PSPs align to industry standards and best practices.

Bachelor’s degree or military experience
At least 3 years of experience coordinating projects involving multiple stakeholders
At least 3 years of experience managing, consulting, auditing, or working in the fields of information security, data management, technology, or risk management
At least 2 years of project or process management experience
3+ years of experience with data, cybersecurity, or technology policy and with the policy making processes
Familiarity with industry frameworks, such as the NIST Cybersecurity Framework, NIST 800-53, COBIT, ISO 27001, or Data Management Body of Knowledge (DMBOK) framework
Professional security management certifications, such as a Certified Information Systems Security Professional (CISSP) or Certified in Risk and Information Systems Controls (CRISC), CIPP (Certified Information Privacy Professional), CIPM (Certified Information Privacy Manager), or CDMP (Certified Data Management Professional).

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being.

Principal Associate, Risk Management, Policy Analyst

Key skills