Senior Audit Manager - Cyber Technical, Technology Audit

Capital Ones Audit function is a dedicated group of professionals focused on delivering top-quality assurance services to the organizations Audit Committee. Audit professionals are experienced well-trained and credentialed and operate within a collaborative agile environment to deliver value-added opinions and recommendations. Audits vision to provide high value independent proactive insights to innovate with technology and to be a top-notch talent destination creates a dynamic and challenging atmosphere for both personal growth and professional opportunity.

Capital One is seeking an energetic self-motivated Sr. Technology Manager with experience in technology including resiliency and recovery cyber and information security analysis interested in becoming part of our Audit team. As a member of the Audit team the candidate will focus on audits of critical technology functions including cloud-based technology implementations as well as data center operations application mainframe or cloud technology controls and cybersecurity risks.

Responsibilities:

• Proactively monitor the technology control environment for changing risks and necessary updates. Lead continuous monitoring activities and updates to risk assessments audit universe and audit plan.

• Oversee multiple concurrent Cybersecurity IT Operations including key third party hosted services and Cloud audits across assigned portfolios.

• Develop engagement planning documentation and audit programs to ensure adequate coverage of risk and sufficient rationale for audit scope.

• Supervise and coordinate work assignments amongst audit team members. Provide timely feedback on-the-job training and coaching to audit staff and direct reports.

• Establish and maintain good relationships with key business and audit partners particularly in third party risk and business continuity risk management. Leverage specialized knowledge and skills providing management with insight into areas of technology business continuity and third party risk. Effectively represent internal audit at management meetings internal forums and to external organizations.

• Assess relevance of audit findings potential exposures materiality improving or deteriorating trends and demonstrate awareness of broader issues. Interpret business priorities anticipate issues and obstacles and apply to scope of role.

• Deliver appropriate succinct and organized information tailoring communication style to audience. Effectively review and compile relevant material findings and recommendations into readable and concise audit reports. Communicate complex results and implications incorporating different perspectives into deliverables.

• Manage timely and high quality delivery of multiple tasks including audits projects special assignments and administrative activities. Self-prioritize and independently complete multiple tasks across the team and department. Demonstrate the ability to successfully meet deadlines and identify/escalate impediments in a timely manner.

Ideal Teammate:

• You are a critical thinker who seeks to understand the business and its control environment.

• You believe insight and objectivity are core elements to providing assurance on the effectiveness and efficiency of Capital Ones governance risk management and internal control processes.

• You possess a relentless focus on quality and timeliness.

• You adapt to change embrace bold ideas and are intellectually curious. You like to ask questions test assumptions and challenge conventional thinking.

• You develop influential relationships based upon shared risk objectives and trust to deliver outstanding business impact and elevate Audits value proposition.

• Youre a firm believer that a rich understanding of data innovation and technology will only make you a better auditor. This will require leveraging the power of data analytics and furthering your technical expertise.

• Youre a teacher. You do the right thing and lead by example. You have a passion for coaching and investing in the betterment of your team. You lead through change with candor and optimism.

• You create energy and an environment that fosters trust collaboration and belonging making it easy to attract hire and retain top talent.

Basic Qualifications:

• Bachelors Degree or military experience

• At least 7 years of experience in information technology (resiliency and change management operations software delivery access management information security cloud computing)

• At least 4 years of experience in managing audit engagements project management or a combination

• At least 4 years of experience leading a team to deliver initiatives collection of work or a combination

• At least 4 years of experience in analyzing data extracts to identify trends patterns and anomalies including experience in test scripting coding (writing reviewing or assessing) or a combination

• At least 4 years of experience in information security (application security network security cyber security data protection)

• At least 4 years of experience in third party hosted technology controls (business continuity & disaster recovery physical and environmental controls)

• At least 2 years of experience in cloud computing and controls (design operation risk management or auditing)

• At least 2 years of experience in third party risk management and business continuity risk management.

• At least 2 years experience of people management

Preferred Qualifications

• 8 years of experience in information systems auditing in information systems risk management in technology operations or a combination

• Certifications related to or pursuing certification related to Cloud Cyber or Technology Operations such as Cloud provider certifications Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

• Certifications related to or pursuing certification related to Auditing such as Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA)

• 7 years of experience with IT control frameworks

• 4 years of experience auditing cyber or information security

• 4 years of experience auditing key third party service providers hosting critical enterprise applications

• 4 years experience in auditing or working in third party risk management and / or business continuity processes.

• 4 years experience in cloud computing (notably AWS GCP Azure) and controls or 1 years of conducting audits of controls in cloud-based environments

• 4 years of experience in risk and data management

• 4 years of experience performing data analysis in support of internal auditing

• 2 years of experience auditing emerging technologies

At this time Capital One will not sponsor a new applicant for employment authorization for this position.

This role is hybrid meaning associates typically spend about half their time (2-3 days per week) in-person at one of our offices listed on this job posting. Monday and Fridays are enterprise- wide virtual work days. Tuesday Wednesday and Thursday are in-person days for associates to spend time together working in our beautifully-designed team areas.

The minimum and maximum full-time annual salaries for this role are listed below by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked.

Candidates hired to work in other locations will be subject to the pay range associated with that location and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidates offer letter.

Capital One offers a comprehensive competitive and inclusive set of health financial and other benefits that support your total well-being. Learn more at theCapital One Careers website. Eligibility varies based on full or part-time status exempt or non-exempt status and management level.

If you have visited our website in search of information on employment opportunities or to apply for a position and you require an accommodation please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital Ones recruiting process please send an email to

Capital One does not provide endorse nor guarantee and is not liable for third-party products services educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).