Capital One
Finance
PrincipalAuditorCyber,RiskandAnalysisTechnologyAudit(Hybrid)
“Principal Auditor - Cyber, Risk and Analysis Technology Audit (Hybrid) at Capital One. Skills: Technology Audit, Cybersecurity Risk, Risk Management, Cloud Technology Audit, Data Analysis. Execute major components of audits, including critical technology functions, cloud-based infrastructure, cybersecurity, risk management, application, and third-party management. Perform risk assessments of business units and technology operations”
What You'll Achieve.
delivering top-quality assurance services to the organization’s Audit Committee; provide high value, independent, proactive insights; innovate with technology; deliver value-added opinions and recommendations; deliver quality results; deliver outstanding business impact and elevate Audit’s value proposition
Industry & Context.
critical thinker who seeks to understand the business and its control environment; ask questions, test assumptions, and challenge conventional thinking
This role is hybrid meaning associates will spend 3 days per week in-person at one of our offices listed on this job posting.
What They're Looking For.
Must Have
Bachelor's Degree or military experience, At least 4 years of experience in information systems auditing, information systems risk management, information technology (operations, software delivery, access management, microservices), information security (application security, network security, cyber security, data protection), or a combination, At least 1 year of experience in cloud computing and controls (design, operation, risk management, or auditing), At least 2 years of experience in managing components of audit engagements, project management or a combination, At least 2 years of experience in analyzing data extracts to identify trends, patterns, and anomalies, including 1 year of experience in test scripting or coding (writing, reviewing, assessing)
Nice to Have
Certifications related to or pursuing certification related to Cloud, Cyber or Technology Operations, such as Cloud provider certifications, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM), Certifications related to or pursuing certification related to Auditing, such as Certified Internal Auditor (CIA), or Certified Information Systems Auditor (CISA), 4+ years of experience with IT control frameworks, 2+ years of experience in planning and leading audits, 2+ years of experience auditing cyber or information security, 1+ years of experience auditing emerging technologies, 1+ years experience in cloud computing using AWS, GCP, or Azure, or 1+ years of conducting audits of controls in cloud-based environments such as AWS, GCP, or Azure, 1+ years of experience in risk and data management, 1+ years of experience performing data analysis in support of internal auditing
What You'll Do.
Execute major components of audits
including critical technology functions
cloud-based infrastructure
and third-party management
Perform risk assessments of business units and technology operations
Design and execute audit procedures to verify the effectiveness of existing controls
Identify and define issues
Review and analyze evidence
Document client processes and procedures
organized and complete documentation to support work performed
Self prioritize and effectively plan own work activities managing multiple priorities and tasks across the team to deliver quality results
Coordinate with others and proactively take on additional work
Perform various aspects of engagement administration
including hours and budget tracking
Provide periodic on-the-job coaching and direct supervision over less experienced associates
How You'll Work.
Team & Collaboration
collaborative, agile environment; Coordinate with others; proactively take on additional work; Deliver appropriate, succinct and organized information, tailoring communication style to audience; Effectively communicate information, issues and audit progress to teammates, clients and auditor-in-charge; develop influential relationships based upon shared risk objectives and trust; create energy and an environment that fosters trust, collaboration, and belonging
Communication Scope
Communicates or assists in communicating the results of some audit projects to management via written reports and oral presentations; Deliver appropriate, succinct and organized information, tailoring communication style to audience; Effectively communicate information, issues and audit progress to teammates, clients and auditor-in-charge
Process & Methodology
managing components of audit engagements, project management, Self prioritize and effectively plan own work activities managing multiple priorities and tasks across the team to deliver quality results
Applying for this Principal Auditor - Cyber, Risk and Analysis Technology Audit (Hybrid) role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Capital One?
Real rants from real employees. Read before you apply.