Capital One Principal Analyst Capital Markets & Risk 

United States, Virginia, Arlington 

434527591

Principal Associate, TRM Controls Review

As a member of a growing organization, you will have the opportunity to shape and further refine your portfolio commensurate with the priorities of the organization and the company. The demands and high-visibility nature of this position requires an expert with a proven ability to work independently in a fast-paced environment and who can begin contributing

Essential Functions (Responsibilities):

• Perform independent controls review of the company’s cybersecurity and technology control environment

• Perform assessments of first line control testing programs to determine sufficiency of processes and effectiveness of execution

• Provide technical assessments of technology control design and effectiveness by performing independent testing

• Draft assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as required

• Provide challenge, expertise and advice on enhancing the design, effectiveness, and maturity of the company’s technology controls and capabilities

• Participate in management of the overall technology control inventory which defines the scope of the controls review program

• Stay current on emerging cyber threats, technologies, controls, and potential implications for the company

• Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to achieve objectives

• Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups

Basic Qualifications:

• Bachelor’s degree or military experience

• At least 3 years of experience testing technology controls based on established industry risk frameworks, including: the National Institute of Standards and Technology (NIST) Cybersecurity Framework,Control Objectives for Information and Related Technology (COBIT v5),Committee of Sponsoring Organizations (COSO), orFederal Risk and Authorization Management Program (FedRAMP)

• At least 3 years of experience managing, consulting, auditing, or working in the fields of information security or information technology

• At least 3 years of experience with cybersecurity and technology practices

Preferred Qualifications:

• Professional security management certifications, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC), Certified Cloud Security Professional (CCSP), AWS Cloud Practitioner Certification

• Experience using automated testing tools

McLean, VA: $117,300 - $133,900 for Principal Risk Specialist Richmond, VA: $106,700 - $121,700 for Principal Risk SpecialistThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.