Capital One Principal Associate Cyber Risk Analysis 

United States, Virginia, Arlington 

878344760

Principal Associate, Cyber Risk and Analysis

As a Principal Associate, Cyber Risk and Analysis, you will play a key role evolving our technology and information security policies, standards, and procedures (PSPs). This includes annual updates to our PSPs, developing new PSPs on an as-needed basis, and partnering with subject matter experts across TRM to draft policy-level requirements. You will engage with stakeholders across the first and second lines of defense as part of the PSP process and apply a customer-focus perspective.

Desired outcomes:

• PSPs renewals are delivered on-time, meeting our high bar for quality

• TRM owns a greater share of technology and information security requirements in the policies we own

• TRM shapes and influences first line owned PSPs through advisory engagement

• Stakeholder feedback is considered and incorporated throughout the process

• Our technology and information security PSPs align to industry standards and best practices

The ideal candidate:

• Is a strategic thinker who is intellectually curious, thrives in a data-driven environment, effective influencer, demonstrates good judgment, excellent problem solver, and is a team player.

• Is a clear communicator with excellent verbal and written communication skills across levels of leadership

• Has passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions

• Raises concerns early and knows when to escalate, including the ability to raise issues and facilitate constructive problem-solving at all levels of the organization

• Can manage multiple projects/initiatives while maintaining superior results

• Is execution oriented and a self-motivator

Basic Qualifications:

• Bachelor’s degree or military experience

• At least 3 years of experience coordinating projects involving multiple stakeholders

• At least 3 years of experience with cybersecurity or technology policy and the policy making process

• At least 3 years of experience managing, consulting, auditing, or working in the fields of information security, technology, or risk management

• At least 2 years of project or process management experience
  

Preferred Qualifications:

• 4+ years of experience with cybersecurity or technology policy and with the policy making processes

• Familiarity with industry frameworks, such as the NIST Cybersecurity Framework, NIST 800-53, COBIT, or ISO 27001

• Professional security management certifications, such as a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Controls (CRISC)

McLean, VA: $127,500 - $145,500 for Prin Assoc, Cyber Risk & Analysis New York, NY: $139,100 - $158,700 for Prin Assoc, Cyber Risk & Analysis Richmond, VA: $115,900 - $132,200 for Prin Assoc, Cyber Risk & AnalysisThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.

. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.