Center 1 (19052), United States of America, McLean, VirginiaSenior Manager, Senior Counsel - CybersecurityThe Capital One Legal Department is seeking a dynamic mission-driven attorney who is passionate about security to join its Cyber Legal team.About the Role:As a member of the cyber legal team, you will have an opportunity to directly influence how Capital One responds to a constantly evolving threat landscape, while navigating a rapidly changing set of laws and regulations that govern our preparedness and response. You will actively partner with Capital One’s cyber organization to brainstorm and problem-solve in ways that anticipate and mitigate legal, operational, and reputational risk. Because our work is increasingly interdisciplinary, it requires an entrepreneurial approach … and this is what makes it fun. Your legal advice and strategic counsel will be informed by active collaboration with stakeholders from across the enterprise, and you’ll do it in an environment that values your insight, promotes continuous learning, and rewards creative thinking.So who are we looking for?You are someone who craves meaning in your work, and are eager to drive solutions that reduce risk to our company.You are an engagement multiplier who is both pragmatic and practical. You view your role as not only a lawyer, but as a trusted business advisor who enables your clients to achieve core objectives in a way that is legally supported and well-managed.You are a self-starter who thrives in a fast-paced environment, exercising judgment and discretion as you prioritize (and sometimes reprioritize) myriad time-sensitive matters.You are comfortable being uncomfortable. You’re not afraid to lean into gray space when situations are unfamiliar, digging in to understand and focus on what really matters.You are an effective translator. You can communicate regulatory requirements and legal guardrails to developers and engineers just as easily as you can deconstruct complex technical subjects in a way that other lawyers can understand and appreciate.You bring an ownership mentality to your work. You want to be in the trenches with your clients, and will not hesitate to pull in legal colleagues to ensure that your clients reap the full benefit of our amazing legal department’s experience and expertise.Specific responsibilities include, but are not limited to:Guide and provide ongoing counsel to cyber incident response investigations, ensuring that the company is meeting all regulatory and contractual notification obligations and investigative steps are carried out in a manner that minimizes litigation and regulatory risk.Advise on information assurance legal requirements for the company’s third party risk management program, including through the drafting, negotiation, and review of data security provisions in agreements with service providers, business partners, and other parties that make up the company’s supply chain.Assist with the development, application, and enforcement of information security policies, standards, and procedures to confirm adherence to regulatory obligations and contractual requirements.Provide legal advice and strategic counsel on vulnerability management, application security, identity and access management, and other cyber security engineering and data protection initiatives.Coordinate review of board reports, executive committee presentations, regulatory filings, and other legal disclosures to ensure accuracy and completeness of cyber legal representations.Serve as a critical partner to cyber operations, intelligence, technology risk management, and compliance professionals in their collective efforts to maintain a cybersecurity program that timely detects, investigates, contains, and mitigates threats to Capital One customers, associates, and confidential information.Support the development and delivery of tabletop exercises and other cyber education and awareness efforts (e.g., phishing drills, customer facing material).Monitor the cyber legal and legislative landscape for key developments and actionable guidance that helps to inform business decisions, seize opportunities, and position stakeholders to overcome future legal and policy related challenges.Advise on the development, execution, and maintenance of cyber maturity assessments and other internal security risk evaluations in line with existing cybersecurity standards and frameworks.Maintain strong relationships and lines of communication with business partners and other key stakeholders across the organization.Basic Qualifications:Juris Doctor from an accredited law schoolActive member in good standing of at least one state barAt least four 4 years of experience as an attorney in a law firm, in-house legal department, or government agency.Preferred Qualifications:2 + years of legal experience supporting a technology or information security teamKnowledge with the cyber threat landscapeknowledge of government or corporate investigationsExperience with U.S. cybersecurity laws and regulations (e.g., Computer Fraud and Abuse Act, Cybersecurity Information Sharing Act) and general familiarity with global cybersecurity laws, regulations, and standardsKnowledge of federal and state privacy lawsknowledge of U.S. cybersecurity standards, frameworks, risk assessments and certification processes (e.g., SOC 1 & 2, NIST Cybersecurity Framework, PCI DSS)Previous experience in the financial industry a plus, but not requiredAt this time, Capital One will not sponsor a new applicant for employment authorization for this position.Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City’s Fair Chance Act; Philadelphia’s Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.For technical support or questions about Capital One's recruiting process, please send an email toCapital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
