Capital One Technical Business Risk Principle Associate 

United States, Virginia, Arlington 

762315366

Technical Business Risk, Principle Associate

Responsibilities:

• Serve as an Information Security Risk Management subject matter expert and advise on best practices in risk reduction through the optimization and configuration of cybersecurity tools and platforms

• Support the development and use of capability, risk, or threat frameworks to facilitate the conduct of correlative capability and effectiveness evaluations

• Lead validation of cybersecurity tool, integrations, or capability mapping to said frameworks to support solutioning for, and management activities in response to, large-scale enterprise risk reduction efforts

• Help identify linkages among threats, risks, controls, capabilities, and tooling, and metrics to support risk and investment decisioning

• Effectively communicate the impact of capability gaps, redundancies, and technology changes to various audiences, including leadership, to support the enhancement of their cybersecurity postures

About You:

• You are innovative and experienced in driving change

• You are familiar with capability, risk, or threat classification frameworks (Mitre D3FEND, ATT&CK, or ATLAS) and know how to perform qualitative and quantitative analysis

• You have working knowledge of cybersecurity modeling, hardening, detecting, and isolating tools, configurations, and platform capabilities

• You have strong written and verbal communication skills

• You are experienced in providing excellent customer and stakeholder service and support

• You have strong organizational skills and the ability to drive tasks to completion

• You possess the ability to negotiate and influence results without direct authority

• You are team-oriented and have the ability to interface effectively with a broad range of people and roles, including upper management and technology leaders

Basic Qualifications:

• High School Diploma, GED, or equivalent certification

• At least 3 years of experience in cybersecurity, information technology, or risk management

• At least 1 year of experience with technology or cyber security risk management frameworks

• At least 1 year of experience performing cyber security risk assessments or cyber security architecture reviews

• At least 1 year of experience with cyber technical product management, architecture, or engineering

Preferred Qualifications:

• Bachelor’s Degree

• 2+ years of experience in operational compliance, assessments, or audit

• 1+ years of experience in public cloud security and multi-cloud environments

• 1+ years of experience with Agile process and JIRA management and reporting

• 1+ years of experience in regulated financial services organizations

• CISSP, CISM, CISA, AWS Cloud Practitioner, or AWS Certified Solutions Architect Associate Certification

McLean, VA: $158,600 - $181,000 for Prin Assoc, Cyber Technical Richmond, VA: $144,200 - $164,600 for Prin Assoc, Cyber TechnicalThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.