Principal Associate, Tech & data risk Management

Voyager (94001) India Bangalore Karnataka

Principal Associate Tech & data risk Management

At Capital One were building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank Capital One is on a mission to help our customers succeed by bringing ingenuity simplicity and humanity to banking.

At Capital One India we are at the cutting edge of solving fundamental business problems using advanced data methodologies statistics and machine learning algorithms. We analyze data to derive valuable business insights make decisions and develop innovative and patentable products.

We are looking for a Principal Associate to handle the Risk Management activities with a demonstrated ability to work well in teams develop new ideas and take ownership of the initiatives. Would you like to work in a collaborative environment where your contributions are recognized and rewarded all the while having a work-life balance If so opportunity for professional and personal fulfillment in a dynamic progressive organization awaits you at Capital One!

As a Principal Associate you will have dynamic responsibilities associated with Capital One Indias Risk Management team helping to ensure a timely and accurate month-end risk reporting in addition to managing Policy documents and in-house Six-Sigma based framework - forming an integral part of the job. You will also work with an outstanding team to implement the Risk Management framework and collaborate on recommended solutions.

Responsibilities

• Data Governance

  • Develop implement and maintain the organizations data governance framework.

  • Define and enforce data ownership & stewardship responsibilities.

  • Ensure data quality integrity and security in compliance with internal policies and external regulations. (e.g. GDPR CCPA)

  • Work with IT and business stakeholders to identify data issues and recommend improvements

  • Monitor and report on data governance metrics and compliance.

• Work with Tech business and other relevant teams to address technology risks

• Communicate risk information and recommendations to stakeholders

• Provide training and support to employees on risk management practices

• Support the design implementation and maintenance of processes and solutions to facilitate technology risk identification analysis and management

• Act as a central point of contact for your line of business to the rest of Capital Ones Technology Risk Management

• Serve as an expert in Capital Ones Tech Risk capabilities solutions policies procedures and standards

• Provide ad hoc support on special Tech Risk hot topics for the business

• Provide regular updates to executive leadership with your line of business on the overall Tech health and risk environment

• Work with line of business leadership to anticipate their objectives and needs to better serve line of business

• Manage the India Risk Management team consisting of Risk and Assurance activities to ensure

  • Timely completion of all activities

  • Adequate cross training and backup

  • Completion of asks from India Leadership

  • Strategic planning for the Risk Management function

• PSP - Governance (Policies Standards & Procedures)

  • Review and ensure compliance with the Enterprise Policy Program standard

  • Report on creation of new documents renewals/ expiry of existing documents and Standard Adherence Assessment conducted by CPO (Corporate Policy Office)

  • Maintain repository of India wide documents

  • Influence updates to policies standards to enhance risk management activities

  • Maintain Risk Management PSPs and SOPs and draft new documents as the team expands the scope of work

• Corporate Insurance

  • Renew and maintain following Insurance Policies

    • Workers Compensation (WC)

    • Property Insurance

    • Directors and Officers Liability (D&O)

    • Commercial General Liability (CGL)

  • Coordinate with Insurance Broker and facilitate claims

• Physical Records

  • Facilitate storage and transport of physical records via third party

  • Maintain Inventory Index to track the data and retention requirements by Law

• Internal Audit

  • Finalize the vendor to conduct annual Internal Audit

  • Draft the scope and IA calendar

  • Coordinate with Internal teams and facilitate the IA

  • Assist in timely closure of observations/ recommendations

  • Report the status and details of observations to LT

• Prepare the Risk reports at India site level risk in the Enterprise Risk Management framework including key topics like

  • Phishing drill report to Leadership Team (LT)

  • Bi-annual Official Records (non-HR GDrive) certification and reporting to Risk Head

  • Quarterly Sensitive Data Assessment and reporting to Risk Head

  • Monthly Hard Disk Drive (HDD) remediation report to LT

  • Monthly Iron Mountain document storage to File manages respective LTs

• Constantly work with US Risk Office and Tech Risk teams to expand the scope of Risk Reporting

• Prepare Assurance Reports including

  • Monthly Controls execution report to owners & relevant LT

  • Coordinate with Capital One US teams and India support teams to report status on:

    • IA TPM

    • ABAC

    • BCP testing

    • Standard Adherence Assessment

    • Statutory Audit

• Work closely with LT to maintain artefacts (like Vision Roadmap etc) in the internal portal for SLQ2CQ (Capital One internal Lean - Six Sigma based framework)

• Present the Risk and Assurance reports to LT in the following forums:

  • Monthly Business Review (MBR) - chaired by India head US Risk Office head and US Legal head

  • Quarterly Risk Legal & Tech Committee - chaired by India head US Risk Office head US Legal head and US Tech Head

• Ideate and implement Risk Management framework across Risk Taxonomy and refresh framework based on evolving business needs/ risks

• Partner with other Risk Management functions across the company and cross functional teams to conduct Process Level Assessments

• Maintain relationships with key stakeholders to ensure timely delivery of commitments

About You

• You have a desire to work in a very fast moving forward leaning modern computing environment

• You have a deep passion for Securing modern computing platforms

• You have a strong desire to continually learn about new technologies

• You possess strong conceptual thinking and communication skills

• You are able to work well under minimal supervision

• You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles including upper management IT leaders and technology vendors

• You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality

• You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives

Basic Qualifications

• At least 2 years of experience working with IT infrastructure systems and applications.

• Bachelors degree in Engineering

• At least 5 years of experience in engineering

• At least 3 years of experience in providing guidance and oversight of Security concepts

• At least 3 years of experience in performing security risk assessments and security architecture reviews

• At least 3 years of experience in Architecture software design networking and Cloud infrastructure

• Professional certifications such as AWS Certified Solutions Architect

Preferred Qualifications

• Experience utilizing Agile methodologies

• Experience with Software Security Architecture and Application Security

• Financial services industry experience

• Good communication skills - Verbal written and presentation

At this time Capital One will not sponsor a new applicant for employment authorization for this position.

No agencies please. Capital One is an equal opportunity employer (EOE including disability/vet) committed to non-discrimination in compliance with applicable federal state and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries including to the extent applicable Article 23-A of the New York Correction Law; San Francisco California Police Code Article 49 Sections 4901-4920; New York Citys Fair Chance Act; Philadelphias Fair Criminal Records Screening Act; and other applicable federal state and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position and you require an accommodation please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital Ones recruiting process please send an email to

Capital One does not provide endorse nor guarantee and is not liable for third-party products services educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).