Capital One
Principal Auditor - Cyber, Risk and Analysis Technology Audit
Capital One, Mc Lean, Virginia, us, 22107
Overview
Principal Auditor - Cyber, Risk and Analysis Technology Audit Capital One’s Audit function delivers quality assurance to the organization’s Audit Committee. The team operates in a collaborative, agile environment to provide independent, proactive insights and recommendations. The Principal Technology Auditor focuses on audits of critical technology functions including cloud-based implementations, application controls, and cybersecurity risks. Responsibilities
Execute major components of audits covering critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application controls, and third-party management. Assist in leading components of small to medium size audits. Perform risk assessments of business units and technology operations; design and execute audit procedures to verify control effectiveness; identify and define issues; review and analyze evidence; document client processes and procedures. Understand broader financial, legal, reputational, and other risk contexts affecting the business and critical technology functions. Establish and maintain good client relations; communicate audit results to management through written reports and oral presentations. Identify client expectations and support the client experience. Prepare clear, organized documentation to support work performed. Self-prioritize and plan work across multiple priorities; coordinate with others and take on additional work as needed. Deliver concise, organized information tailored to the audience; communicate audit progress to teammates and clients. Support engagement administration, including hours and budget tracking; provide on-the-job coaching and supervision to less experienced associates. Ideal Teammate
Critical thinker who understands the business and its control environment. Values insight and objectivity to provide assurance on governance, risk management, and internal controls. Quality-focused, timely, adaptable to change, and intellectually curious. Builds influential relationships based on shared risk objectives and trust to deliver business impact. Believes in leveraging data analytics and technology to enhance auditing capabilities. Collaborative leader who coaches others and fosters a trustworthy, inclusive team environment. Travel Expectations
The associate is expected to travel approximately 10-15% of the time. Qualifications
Basic Qualifications
Bachelor’s Degree or military experience At least 4 years of experience in information technology, information security, information systems risk management, information systems auditing, or a combination At least 1 year of experience in cloud computing and controls At least 2 years of experience managing components of audit engagements or project management At least 2 years of experience analyzing data extracts to identify trends, patterns, and anomalies, including 1 year of experience in data analysis or relevant scripting/coding Preferred Qualifications
Certifications related to Cloud, Cyber, or Technology Operations (e.g., CISSP, CISM) or pursuing relevant certifications 1 year of experience with payment technologies and cloud-based/virtualized environments Certifications related to Auditing (e.g., CIA, CISA) 4+ years of experience with IT control frameworks 2+ years of experience planning and leading audits; 2+ years auditing cyber or information security; 1+ years auditing emerging technologies 1+ years experience in cloud computing (AWS, GCP, Azure) or auditing cloud controls 1+ years experience in risk and data management; 1+ years experience performing data analysis in internal auditing Note:
At this time, Capital One will not sponsor a new applicant for employment authorization for this position. Work Arrangement:
This role is hybrid — associates spend 3 days per week in-person at an office listed in the posting; Fridays are enterprise-wide virtual work days. Compensation and Benefits
Salary ranges are location-dependent and may be adjusted by location. This role is eligible for performance-based incentive compensation. Capital One offers comprehensive benefits. Salary ranges provided in this posting apply to the specified locations and may be prorated for part-time roles. This role is expected to accept applications for a minimum of 5 business days. EEO Statement:
No agencies. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with laws. Capital One promotes a drug-free workplace and considers qualified applicants with criminal histories pursuant to applicable laws.
#J-18808-Ljbffr
Principal Auditor - Cyber, Risk and Analysis Technology Audit Capital One’s Audit function delivers quality assurance to the organization’s Audit Committee. The team operates in a collaborative, agile environment to provide independent, proactive insights and recommendations. The Principal Technology Auditor focuses on audits of critical technology functions including cloud-based implementations, application controls, and cybersecurity risks. Responsibilities
Execute major components of audits covering critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application controls, and third-party management. Assist in leading components of small to medium size audits. Perform risk assessments of business units and technology operations; design and execute audit procedures to verify control effectiveness; identify and define issues; review and analyze evidence; document client processes and procedures. Understand broader financial, legal, reputational, and other risk contexts affecting the business and critical technology functions. Establish and maintain good client relations; communicate audit results to management through written reports and oral presentations. Identify client expectations and support the client experience. Prepare clear, organized documentation to support work performed. Self-prioritize and plan work across multiple priorities; coordinate with others and take on additional work as needed. Deliver concise, organized information tailored to the audience; communicate audit progress to teammates and clients. Support engagement administration, including hours and budget tracking; provide on-the-job coaching and supervision to less experienced associates. Ideal Teammate
Critical thinker who understands the business and its control environment. Values insight and objectivity to provide assurance on governance, risk management, and internal controls. Quality-focused, timely, adaptable to change, and intellectually curious. Builds influential relationships based on shared risk objectives and trust to deliver business impact. Believes in leveraging data analytics and technology to enhance auditing capabilities. Collaborative leader who coaches others and fosters a trustworthy, inclusive team environment. Travel Expectations
The associate is expected to travel approximately 10-15% of the time. Qualifications
Basic Qualifications
Bachelor’s Degree or military experience At least 4 years of experience in information technology, information security, information systems risk management, information systems auditing, or a combination At least 1 year of experience in cloud computing and controls At least 2 years of experience managing components of audit engagements or project management At least 2 years of experience analyzing data extracts to identify trends, patterns, and anomalies, including 1 year of experience in data analysis or relevant scripting/coding Preferred Qualifications
Certifications related to Cloud, Cyber, or Technology Operations (e.g., CISSP, CISM) or pursuing relevant certifications 1 year of experience with payment technologies and cloud-based/virtualized environments Certifications related to Auditing (e.g., CIA, CISA) 4+ years of experience with IT control frameworks 2+ years of experience planning and leading audits; 2+ years auditing cyber or information security; 1+ years auditing emerging technologies 1+ years experience in cloud computing (AWS, GCP, Azure) or auditing cloud controls 1+ years experience in risk and data management; 1+ years experience performing data analysis in internal auditing Note:
At this time, Capital One will not sponsor a new applicant for employment authorization for this position. Work Arrangement:
This role is hybrid — associates spend 3 days per week in-person at an office listed in the posting; Fridays are enterprise-wide virtual work days. Compensation and Benefits
Salary ranges are location-dependent and may be adjusted by location. This role is eligible for performance-based incentive compensation. Capital One offers comprehensive benefits. Salary ranges provided in this posting apply to the specified locations and may be prorated for part-time roles. This role is expected to accept applications for a minimum of 5 business days. EEO Statement:
No agencies. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with laws. Capital One promotes a drug-free workplace and considers qualified applicants with criminal histories pursuant to applicable laws.
#J-18808-Ljbffr