Principal Associate, Cyber Risk

1 week ago


McLean, United States Capital One Full time

Center 3 (19075), United States of America, McLean, Virginia

Principal Associate, Cyber Risk & Analysis - Cyber External Client Assurance - Independent Assurance (SOC 2, ISO27001)

The Cyber External Client Assurance (CECA) - Independent Assurance team centrally facilitates Capital One’s commercialized products and services through their Commercialized Attestation goals (SOC 2). The associate in this role will partner across the organization to perform the following responsibilities: (1) Commercialized Attestation Scoping: Perform process and technology risk assessments to determine the optimal control mix for the products pursuing a Commercialized Technology Attestation engagement (SOC 2). (2) Issue Management: Evaluate control deviations and their impact on management's opinion over the design, implementation, and operating effectiveness of the controls in place to address the Commercialized Technology Attestation frameworks we pursue. (3) Evidence Collection: Facilitate evidence requests made by external auditors to support their independent attestation requirements.

**You will**:

- Perform process and technology risk assessments to determine the optimal control mix for the products pursuing a Commercialized Technology Attestation engagement (SOC 2).
- Proactively identify changes in our products' features and evaluate their impact on the controls needed to achieve any Commercialized Technology Attestations the product is pursuing.
- Monitor changes in attestation frameworks and how the changes impact the optimal mix of controls required for our products pursuing a Commercialized Technology Attestation.
- Ensure seamless design of our controls around emerging technologies as they are integral in supporting our Commercialized Technology Attestation engagement.
- Interpret and communicate/present appropriate control design to senior leadership.
- Influence leadership with recommendations for Controls and Process improvements on an ongoing basis.
- Evaluate control deviations and their impact on management's opinion over the design, implementation, and operating effectiveness of the controls in place to address the Commercialized Technology Attestation frameworks we pursue.
- Draft Management Responses that are presented within Attestation Reports.
- Partner with the product teams to answer any customer inquiries on issues listed within an attestation report.
- Facilitate evidence requests made by external auditors to support their independent attestation requirements.
- Advise control owners on ensuring the evidence they submit will meet the needs of the auditors.
- Partner with external auditors to establish evidence collection timelines/deadlines.

**The associate should be able to**:

- Be well organized and able to manage multiple requests
- Demonstrate strong ability to analyze information and data and leverage it to support recommendations
- Work in collaboration across multiple teams while maintaining business relationships
- Develop and communicate quality recommendations to the program
- Work with diverse contacts throughout Capital One
- Communicate technical issues to non-technical people
- Demonstrate strong problem-solving and conceptual thinking abilities

**Basic Qualifications**:

- High School Diploma, GED or equivalent certification
- At least 3 years of technology experience in Internal Controls, Risk Management, or Audit or a combination

**Preferred Qualifications**:

- Bachelor’s Degree
- 4+ years of experience in Auditing and Control Evaluation
- CISA, CISSP, or CRISC certification
- 2+ years of experience with Cloud technologies (AWS, Azure, or GCP)

**_At this time, Capital One will not sponsor a new applicant for employment authorization for this position._**

New York City (Hybrid On-Site): $134,100 - $153,000 for Prin Assoc, Cyber Risk & Analysis

San Francisco, California (Hybrid On-Site): $142,100 - $162,100 for Prin Assoc, Cyber Risk & Analysis

This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).


