Principal Risk Specialist - FS Tech Well Managed Controls

Capital One Financial Services (FS) Technology Well Managed Controls is seeking an energetic selfmotivated Principal Risk Specialist who is interested in becoming part of our team.

Technology Well Managed Controls professionals at Capital One are the first line of defense to ensure our Company remains wellmanaged and profitable. They are highly motivated experienced credentialed Risk Management professionals that are forward thinking quick to adapt and technologically adept. These skills allow them to gain insights and act as a change agent to influence technology partners. As a member of the FS Tech Well Managed Controls Team the candidate will focus on reviews of critical technology functions including cloudbased technology emerging technology and cybersecurity risks. The candidate will have a high level of exposure across lines of business and have the opportunity to create and implement innovative solutions to appropriately mitigate risks within the Financial Services Technology organization.

Responsibilities:

• Support the evaluation of and improvement of the control environment for the Financial Services Technology organization

• Contribute to the assessment of FS Technologys control environment by verifying the design and operating effectiveness of existing controls as well as identifying and tracking control gaps/issues to remediation

• Lead design developing and managing project plans in a complex dynamic environment revising needs to meet changing requirements

• Lead meetings with the 1st line independent control testing team to provide an overview of the process narrative and measures implemented for control sustainability

• Independently perform documentation of processes and process flow diagrams controls reporting dashboards and controls health monitoring

• Analyze data to proactively identify risks and trends and prepare reporting for Executive Leadership

• Understand regulatory requirements and anticipate changes to help ensure proper alignment with internal requirements and frameworks

• Collaborate with Technology Application Teams ES Tech Risk Cyber and other business support functions (e.g. Business Risk Office)

• Participate in enterprise Well Managed forums and relevant councils

• Understand the broader context and implications (e.g. financial legal reputational etc. of the various types of risk affecting the technology functions

Basic Qualifications:

• High School Diploma GED or equivalent certification

• At least 3 years of experience in Technology Operational Risk or IT Internal or External Audit

• At least 2 years of experience performing data analysis in support of internal risk assessments and control reviews

• At least 2 years of experience planning and leading IT audits or risk assessments

• At least 1 year of experience performing controls testing over AWS cloudbased infrastructure

• At least 2 years of experience in risk and data management

Preferred Qualifications:

• Bachelors Degree

• Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) or related certification

• 5 years of experience in information systems auditing or information systems risk management

• 4 years of experience performing control design and effectiveness testing and completing assessment against established industry risk frameworks including: the NIST Cybersecurity Framework COBIT v5 or COSO

• Excellent verbal presentation and written communication skills to confidently interact with application teams and enterprise stakeholders

• Excellent problemsolving analytical and critical thinking skills to effectively respond to shifting priorities demands and timelines

• Consulting experience with a Big 4 firm

• Cloud Risk Management experience

• Proficient with G Suite/Google Workspace for reports analysis and presentations

At this time Capital One will not sponsor a new applicant for employment authorization or offer any immigration related support for this position (i.e. H1B F1 OPT F1 STEM OPT F1 CPT J1 TN or another type of work authorization).

The minimum and maximum fulltime annual salaries for this role are listed below by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for parttime roles will be prorated based upon the agreed upon number of hours to be regularly worked.

Candidates hired to work in other locations will be subject to the pay range associated with that location and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidates offer letter.

Capital One offers a comprehensive competitive and inclusive set of health financial and other benefits that support your total wellbeing. Learn more at theCapital One Careers website. Eligibility varies based on full or parttime status exempt or nonexempt status and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position and you require an accommodation please contact Capital One Recruiting ator via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital Ones recruiting process please send an email to

Capital One does not provide endorse nor guarantee and is not liable for thirdparty products services educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).