Manager, Generative AI Advisory and Oversight

As the Manager Generative AI Advisory and Oversight you will serve as a subject matter expert for AI/ML platform and system risk analysis including the Capital One Generative AI platform and Agentic AI system architectures. You will collaborate with first-line Cyber and Technology teams as well as other risk management offices to perform risk assessments design reviews and advise on the AI/ML roadmap and implementation plan with security technology and architecture best practice viewpoints.

Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The 200 professionals in TDRM are trusted experts who oversee 14000 developers at Capital One. We raise the bar for excellence in cybersecurity reliability tech risk and data management risk. We shape strategy and decisions challenge activities to ensure they meet our standards and perform independent tests of our security and technology risk.

For years the cybersecurity community has debated whether the CISO should report to the CIO or regulated financial services the answer is: both. The first-line CISO has operational responsibilities and reports to the CIO. The second-line Chief Tech Risk Officer (CTRO) and the Tech & Data Risk Management (TDRM) organization have broader responsibilities for cybersecurity but also reliability software quality resilience and the risk of failing to manage our data. The CTRO is independent and oversees the work of the CISO the CIO/CTO and the Chief Data Officer. The CTRO reports to the Chief Risk Officer who reports directly to the CEO.

Our business leaders must constantly make technology decisions. TDRM makes sure they have the tech and data risk information they need to make good decisions. Associates within TDRM are highly-skilled information security cybersecurity site reliability engineering technology data analyst data scientist and risk management professionals. They have a wealth of experience and a demonstrated ability to add value with their advice and to deliver high-impact results.

Finally as a member of a growing organization you will have the opportunity to shape and further refine your portfolio. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing immediately.

Responsibilities:

• Provide technical leadership in assessing the architecture security requirements/controls roadmaps and reusable patterns for AI/ML system design and deployments (including Agentic AI frameworks) while providing oversight and effective challenge over the end-to-end AI/ML lifecycle

• Evaluate proposed and approved AI/ML technical solutions for automation resiliency performance scalability and security including appropriate tradeoffs risks and opportunities

• Develop and maintain AI/ML risk guidance to ensure the safe adoption of emerging technologies including governance for agentic AI components establishing secure data/tool interaction models and how to maintain secure operational boundaries

• Evaluate the dynamic behavior of AI systems and oversee the development of key continuous monitoring controls and testing ensuring that non-deterministic outputs and autonomous actions remain within risk appetite

• Define requirements for AI observability focusing on the traceability of autonomous decisions and comprehensive system audit trails

• Mentor junior risk associates to bring them up to speed on AI/ML architecture and risks including Generative AI AI Agents and Agentic AI systems

• Build and maintain relationships with technical leaders engineers architects and other stakeholders to understand and evaluate implementation plans business priorities and technical solutions to ensure risks are well communicated and understood by key stakeholders

• Demonstrate enthusiasm for keeping current with AI/ML trends actively experimenting with and learning new technologies engaging in both internal and external technology communities and providing mentorship to colleagues within the risk management and engineering sectors.

• Demonstrate strong analytical problem-solving and decision-making skills

• Define structure and plan work independently

• Translate complex ideas technology and programs into language executives can relate to and perform as a key influencer on technical decisions that affect the AI/ML platforms and systems

• Draft and communicate independent reports for broad audiences including executives business leaders product managers legal experts security specialists and software engineers

• Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups.

Basic Qualifications:

• Bachelors degree or military experience

• At least four years of experience in Technology Management or Cyber Risk Management

• At least one year of experience architecting designing developing integrating delivering supporting or assessing complex AI systems

Preferred Qualifications:

• 2 years of experience deploying scalable and responsible AI solutions on cloud platforms (AWS Google Cloud Azure or equivalent private cloud)

• Masters degree in Computer Science Computer Engineering or relevant technical field

• Experience assessing GenAI or LLM-Powered application architectures in production including security best practices for Generative AI development and deployments

• Experience drafting and communicating reports or analytic assessments for executives

• Ability to communicate clearly and to interact effectively at all levels of the organization and to influence as warranted and appropriate to drive to consensus

• Experience with identifying and communicating key risks related to AI/ML implementations and architectures

• Experience with risk analysis and reports that describe the risk implications to executives

• Ability to manage multiple high-visibility and high-impact projects while maintaining superior results

• Familiarity with AI controls and control frameworks (NIST AI Risk Management Framework ISO 42001 OWASP Top 10 for LLM MITRE ATLAS)

• Prior experience working in financial services or other highly-regulated sectors

At this time Capital One will not sponsor a new applicant for employment authorization for this position.

The minimum and maximum full-time annual salaries for this role are listed below by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked.

Candidates hired to work in other locations will be subject to the pay range associated with that location and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidates offer letter.

Capital One offers a comprehensive competitive and inclusive set of health financial and other benefits that support your total well-being. Learn more at theCapital One Careers website. Eligibility varies based on full or part-time status exempt or non-exempt status and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position and you require an accommodation please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital Ones recruiting process please send an email to

Capital One does not provide endorse nor guarantee and is not liable for third-party products services educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).