Capital One
Principal Associate, Cyber Risk & Analysis - Enterprise Services Risk
Capital One, Richmond, Virginia, United States, 23214
The Enterprise Services Risk organization is expanding with a focus on attracting innovative, pioneering, collaborative, and highly skilled professionals. We operate at the forefront of risk management, providing support for novel and developing technologies, as well as critical business strategies. Diverse perspectives and experiences are valued as we work to redefine the financial sector.
As a Principal Associate, Identity and Access Management (IAM) Risk Guide, you will serve as the dedicated risk conscience and strategic advisor for Capital One's Cyber Identity and Access Management (IAM) team, within our Enterprise Services Risk (ESR) Tech and Product Risk office. This high‑impact role is crucial for managing the inherent risks of our expanding cyber and technology footprint. You will collaborate closely with IAM and the wider ESR team to establish and govern risk management by leveraging best practices and proactively contributing to well‑managed outcomes that directly inform and enable the decisions of our IAM Accountable Executive.
Responsibilities
Govern and support risk objects (risks, issues) throughout their lifecycle
Act as a trusted advisor, leading and driving effective risk conversations with IAM teams
Drive the identification and treatment of risks within IAM teams, and inform decisions of IAM Accountable Executives
Lead, facilitate, and contribute to discussions to identify, assess, manage, and report key risk‑related issues
Operate a continuous improvement approach by reviewing and challenging IAM‑related risk objects
Be an approachable and effective partner in developing fit‑for‑purpose solutions, with the ability to flex where appropriate
Partner with our extended team of Risk Guides to remove complexity and improve efficiency
Deliver IAM risk advice, challenge, and support to our IAM stakeholders
Ensure key messages are understood and actions are underway, providing risk input, context, and challenge through appropriate and timely reporting and governance actions
Maintain an up‑to‑date and in‑depth industry and technical expertise in relevant areas of risk
Basic Qualifications
High School Diploma, GED or Equivalent Certification
At least 3 years of experience in Risk Management, Process Management, Project Management, or a combination of these
At least 3 years of experience supporting, partnering, and interacting with internal or external business clients
Preferred Qualifications
Bachelor's Degree or Military Experience
At least 4 years of experience in risk management or cyber risk management
At least 5 years of experience in project, program, or portfolio management
At least 1 year of Financial Services industry experience
Risk Certifications (CRISC, CISM, CRCM, CIPP, ABA Risk Management Certification)
Experience in Cyber Security Risk Management
Experience in operational IAM management and governance
Holds one or more of the following certifications: any security, technology, risk, project management, and/or audit certifications (e.g., CompTIA Security+, CompTIA Tech+, CompTIA Network+, CompTIA A+, CompTIA Project+, Systems Security Certified Practitioner (SSCP), Certified Associate in Project Management (CAPM), ISACA Certified in Risk and Information Systems Control (CRISC), ISACA IT Audit Fundamentals Certificate, technology vendor certifications (e.g., AWS, Microsoft, Google))
Ability to navigate a complex, dynamic organization and prioritize deliverables in a multi‑national, expanding business environment
Excellent problem‑solving, analytical and critical thinking skills to effectively respond to shifting priorities, demands and timelines
Prioritize and execute tasks and coordinate with cross‑functional teams
Strong communication and relationship‑building skills, customer focus, and ability to collaborate and influence across teams to deliver
Experience with the three lines of defense model and risk reporting
At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
Salary:
McLean, VA: $127,500 – $145,500
Richmond, VA: $115,900 – $132,200
Other locations: subject to local pay range and offer letter.
Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well‑being. Eligibility varies based on full or part‑time status, exempt or non‑exempt status, and management level.
Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non‑discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug‑free workplace. Capital One will consider qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries.