Capital One Principal Associate Business Risk 

United States, Virginia, Arlington 

324155865

Center 3 (19075), United States of America, McLean, Virginia Principal Associate, Business Risk

At Capital One, you will be a vital contributing member to a tiger team responsible for identifying cybersecurity gaps and seams and solutions on how to address them, to include highlighting the need for new or enhanced projects that create business value and reduce critical cyber risk. You are pragmatic and practical in your understanding of security and associated risks, but also willing to know when to pull in experts to inform your efforts and escalate when necessary. You will work with Technical Program Managers and interface closely with product, engineering, architecture, and line-of-business teams to seek input, socialize and validate proposed solutions, and facilitate agreement on implementation andexecution.

Responsibilities:

• Support the team on collectively mapping technologies to a standardized framework in order to identify and execute on best practices in risk reduction through the configuration of cybersecurity tools and platforms.

• Support the development, modification, and use of capability, risk, or threat classification frameworks and standardization methodologies to facilitate the conduct of correlative capability, maturity, and effectiveness evaluations.

• Support data validation and communications on the impact of identified operational, compliance, process, control, and tooling gaps and potential remediation courses of action to multiple audiences, including leadership, to support the enhancement of their cybersecurity postures.

About You:

• You are innovative and experienced in driving change to achieve desired outcomes

• You are familiar with capability, risk, or threat classification frameworks and know how to perform qualitative and quantitative analysis.

• You have experience with issue identification and corrective actionimplementation

• You are familiar with cybersecurity tool and platform capabilities

• You have strong written and verbal communication skills

• You are experienced in providing excellent customer and stakeholder service and support

• You have strong organizational skills and the ability to drive tasks to completion

• You are team oriented and have the ability to interface effectively with a broad range of people and roles, including upper management and technology leaders

Basic Qualifications:

• High School Diploma, GED or equivalent certification

• At least 4 years of experience in Information Technology operations

• At least 2 years of experience in cyber security risk management frameworks

Preferred Qualifications:

• Bachelor's Degree

• Professional certifications such as CISSP, AWS Cloud Practitioner, or AWS Certified Solutions Architect

• 1+ year of experience with monitoring, gathering, and assessing artifacts as part of continuous security monitoring (POA&M, MITRE, NIST 800-53)

New York City (Hybrid On-Site): $134,100 - $153,000 for Prin Assoc, Cyber Risk & Analysis San Francisco, California (Hybrid On-Site): $142,100 - $162,100 for Prin Assoc, Cyber Risk & AnalysisThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.