Capital One Audit and Exams – Information Security (Cyber) in Tysons Corner, Virginia

7900 Westpark Drive (12131), United States of America, Tysons, Virginia

At Capital One, we’re building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Audit and Exams – Information Security (Cyber)

As a member of the highly regulated financial industry, Capital One is subject to numerous examinations conducted by various government organizations. Coupled with the rise of cyber attacks on our customers’ financial and personal data, the Cyber organization is a focal point of many of these examinations. Additionally, in support of complying with this government oversight and our own internal risk management framework, Capital One’s Corporate Audit Services (CAS) conducts frequent audits of the Cyber organization, its processes, and security controls.

The Cyber Audit and Exam Liaison (AEL) team, as a part of the Cyber Resilience initiative, is focused on delivering high quality, consistent, and compliant communication with Capital One’s external examiners (OCC, FRB, FINRA) and internal auditors. Capital One is seeking an energetic, self-motivated Principal Associate interested in joining our Cyber AEL team. The candidate will work independently, with guidance from Cyber Resilience leadership, as needed.

Basic Qualifications:

  • Bachelor’s Degree or military experience

  • At least 4 years of experience in information security or risk management

Preferred Qualifications:

  • 2+ years of experience performing in the role of auditor-in-charge

  • Certified Information Systems Auditor (CISA), or Certified Internal Auditor (CIA), or Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM)

  • 1+ years of experience in the financial services industry

  • 1+ years of experience with IT control frameworks and their application to audits of IT controls

Here's what we're looking for in an ideal teammate:

  • You believe insight and objectivity are core elements to providing assurance on the effectiveness and efficiency of Capital One’s governance, risk management, and internal control processes.

  • You adapt to change, embrace bold ideas, and are intellectually curious. You like to ask questions, test assumptions, and challenge conventional thinking.

  • You develop influential relationships based upon shared risk objectives and trust to deliver outstanding business impact and elevate Audit’s value proposition.

  • You’re a firm believer that a rich understanding of data, innovation, and technical knowledge will only make you a better team member as part of the Audit and Exam team.

  • You have a passion for coaching and investing in the betterment of your team.

  • Lastly, you create energy and an environment that make it easy to attract, hire, and retain top talent.

Responsibilities:

  • Coordinate participation in internal audits and exams through coordination of program documentation and quality assurance review of evidence (submitted to the auditors and/or examiners)

  • Prepare Cyber Senior Leadership team (including CISO) for their key activities in internal audits and exams

  • Coordinate and monitor corrective action of findings and risks, and ensure implementation by deadlines

  • Coordinate documentation on issue remediation efforts (including milestone deliverables and overall finding completion), request list trackers, and review evidence

  • Lead development of status reporting and validation of audit/exam data, including audit/exam metrics to senior leadership

  • Lead a highly collaborative team, managing time with a sense of urgency to ensure audit and exam deliverables are completed within established timeframes

  • Identify when there are concerns to deliverables or potential new issues from an internal audit or exam and escalate to Cyber Senior Leadership team, as appropriate

  • Establish and maintain strong relationships with both team members and stakeholders

  • Review audit and exam findings and assist with documentation in the risk system of record, PRIME

  • Periodically review Cyber audit and exam processes to identify improvements and efficiencies

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.