This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
About the position
The Principal Auditor for Cyber, Risk & Analysis at Capital One is responsible for evaluating and analyzing technology and cybersecurity risks within the organization. This role involves executing audits of critical technology functions, including cloud-based implementations and application controls, while providing insights and recommendations to enhance the effectiveness of governance, risk management, and internal controls. The position requires strong analytical skills, effective communication, and the ability to manage multiple priorities in a collaborative environment.
Responsibilities
- Execute major components of audits, including critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application, and third-party management.
- Perform risk assessments of business units and technology operations, design and execute audit procedures to verify the effectiveness of existing controls.
- Understand the broader context and implications of various types of risk affecting the business and critical technology functions.
- Establish and maintain good client relations during engagements and communicate audit results to management.
- Identify expectations of the client and take actions to support the client experience.
- Prepare clear, organized and complete documentation to support work performed.
- Self-prioritize and effectively plan own work activities managing multiple priorities and tasks across the team.
- Coordinate with others and proactively take on additional work.
- Deliver appropriate, succinct and organized information, tailoring communication style to audience.
- Perform various aspects of engagement administration, including hours and budget tracking.
- Provide periodic on-the-job coaching and direct supervision over less experienced associates.
Requirements
- Bachelor's Degree or military experience
- At least 4 years of experience in information technology, information security, information systems risk management, or information systems auditing
- At least 1 year of experience in cloud computing and controls
- At least 2 years of experience in managing audit engagements or project management
- At least 2 years of experience in analyzing data extracts to identify trends, patterns, and anomalies, including 1 year of experience in test scripting or coding.
Nice-to-haves
- Certifications related to Cloud, Cyber or Technology Operations, such as Cloud provider certifications, CISSP, or CISM
- Certifications related to Auditing, such as CIA or CISA
- 4+ years of experience with IT control frameworks
- 2+ years of experience in planning and leading audits
- 2+ years of experience auditing cyber or information security
- 1+ years of experience auditing emerging technologies
- 1+ years experience in cloud computing (AWS, GCP, Azure) and controls
- 1+ years of experience in risk and data management
- 1+ years of experience performing data analysis in support of internal auditing.
Benefits
- Comprehensive health benefits
- Financial benefits
- Inclusive workplace policies
