Apply on Employer Site

Capital One · 1 day ago

Senior Associate - Cyber, Risk & Analysis Technology Audit

Richmond, VA

Full-time

Hybrid

Mid, Senior Level

$111K/yr - $127K/yr

2+ years exp

Capital One is a financial services company seeking a Senior Associate with experience in evaluating and analyzing technology and cybersecurity risks for their Tech Audit team. The role involves auditing critical technology functions, including cloud-based technology implementations and application controls, while ensuring high-quality standards and effective communication with management.

BankingCredit CardsFinanceFinancial Services

Comp. & Benefits

No H1B

Responsibilities

Execute test procedures of critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application, and third-party management

Perform risk assessments of business activities and perform relevant testing based on the risks and processes associated with the area being audited. Assist in communicating issues, risks and recommendations to all levels of management

Operate independently and ensure work is completed to schedule and meets our high-quality standards

Prepare clear, organized and complete documentation to support work performed

Develop and maintain strong and effective working relationships with key business partners and the extended Audit group

Leverage available data and analytical tools during the planning and fieldwork phases of audit delivery

Proactively follow-up on agreed audit actions to ensure management delivers their commitments within the agreed timescales

Proactively seek out learning opportunities to enhance skills and competencies related to role

Qualification

Tech auditingCybersecurity risk analysisData analyticsCloud computingInformation securityCertified Internal AuditorCoachingCritical thinkingRelationship buildingAdaptability

Required

Bachelor's Degree or military experience

At least 2 years of experience in tech auditing, information technology (operations, software delivery, access management, microservices), information security (application security, network security, cyber security, data protection), information systems risk management, or a combination

At least 1 year of experience in analyzing data extracts to identify trends, patterns, and anomalies, including experience in testing scripting or coding (writing, reviewing, or assessing)

Preferred

Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or relevant cloud and or cyber certifications (such as AWS certifications, CISSP, etc.)

2+ years of experience in banking, in the financial services industry, in a professional services firm serving clients in large banks, or a combination

3+ years of experience auditing or performing cyber or information security

1+ years experience in cloud computing (AWS, GCP, Azure) and controls, or 1+ years of conducting audits of controls in cloud-based environments

Exposure to relevant industry frameworks (e.g. NIST cyber security framework, NIST 800 series, FEDRamp, CIS benchmarks, etc)