Center 3 (19075), United States of America, McLean, VirginiaPrincipal Associate, Cyber Controls Monitoring
As a Principal Associate (PA) in Capital One's Cyber Governance & Risk organization, you will have the chance to oversee control development, enhancement, execution, testing and reporting, and ensuring controls meet quality standards. You will work on a team of control associates to ensure Capital One Cyber controls adequately mitigate risk, maintain audit readiness, and aid in meeting business objectives.
A critical component of this role is the enhancement of our Cyber control environment, for which the Controls team is responsible. The Cyber Controls Governance Associate will be able to operate within a highly collaborative team environment. The work we participate in has a high level of exposure across the Cyber line of business, including other first and second line risk partners. Proficiency in the life cycle of internal controls (ideally technology controls) and an understanding of the Capital One Risk Management Framework are important for success in this role.
As part of making enhancements to the Cyber controls environment, this role will be involved in the continuous monitoring of automated controls, ensuring that the implemented measures are functioning as intended to mitigate risks. By performing regular assessments on control performance, this role would detect control exceptions in real-time, and escalate for prompt remediation.
General Responsibilities:
Collaborate effectively across Cyber engineering teams regarding control execution and delivering on top priorities in a timely and efficient manner
Ensure continuous controls monitoring and deliverables are executed per guidelines and requirements
Assess control evidence to ensure accuracy, quality and overall value
Synthesize data from various reports and dashboards to identify potential compliance gaps; then partner with application ownership teams to ensure remediation
Analyze control assessments executed by engineering teams for accuracy and adherence to control requirements, work with key stakeholders to mitigate any identified concerns
Stay abreast of the changing risk assessments and testing processes to help assure adequate governance coverage and compliance
Manage end-to-end controls lifecycle along with ensuring adherence to the Enterprise Control Standard
Develop and maintain a robust control inventory to ensure that appropriate risk and regulatory coverage is in place
Communicate control gaps and deficiencies, risk exposures, and changes to the risk profile to senior management
Actively seek and report on opportunities to strengthen processes via automation
Basic Qualifications:
High School Diploma, GED, or equivalent certification
At least 4 years of risk management or internal controls experience
At least 1 year of project management experience
Preferred Qualifications:
Bachelor's Degree
2+ years of experience in governance
2+ years of experience with cloud environments
2+ years of experience in an agile or scrum environment
Security+, CISSP, CEH, CCSP, or AWS Certification
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
For technical support or questions about Capital One's recruiting process, please send an email to
Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.
Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).