Cloud Control Risk Specialist, Principal Associate

Capital One
McLean, Virginia, United States
Jan 08, 2023
Feb 07, 2023
Full Time
1750 Tysons (12023), United States of America, McLean, Virginia

Cloud Control Risk Specialist, Principal Associate

The Cloud Safety Team's Control Governance Office is seeking an experienced, highly motivated Cloud Control Risk Specialist, Principal Associate with a strong proven audit mind-set when it comes to testing a control.

The ideal candidate will have good organizational and communication skills, a proven background in evaluation of controls, experience in testing and validating AWS, GCP and Azure is a plus. This role involves thorough understanding of control lifecycle from requirements, design, development, testing, validation and maintenance, which include periodic reassessments. This is a great opportunity to work on a challenging role in a dynamic and fast-paced environment. The candidate should be able to multitask and prioritize assignments appropriately.

On a typical day, the ideal candidate would prepare documentation and communication, evaluate and review risks and requirements, review processes and related controls materials, hold walkthrough meetings with applicable stakeholders, assess the design and operating effectiveness of the control, document a detailed summary of the review performed, conclude on effectiveness, and clearly communicate results as well as coordinate changes to achieve or improve control effectiveness.

Responsibilities include:
  • Performing assessment of requirements, risks, and controls to existing processes
  • Understanding and communicating complex processes and alignment to policy and regulatory requirements
  • The execution of validation and testing effectiveness of Cloud Safety controls prior to quarterly assessments by Technology Risk Management and in anticipation of registering new controls or updating sources of record for changed controls
  • Partnering with Technology Risk Management during quarterly testing engagements, noting effectiveness trending and coordinating with control authors to remediate ineffective findings and resolve issues
  • Creating and maintaining adequate testing support documentation, rationale, testing reports, etc.
  • Supporting the result of reviews including the write-up of findings and issues for reporting
  • Identifying internal control weaknesses and recommending remediation to strengthen control environment
  • Establishing and maintaining good partner team relations during testing and other control management engagements
  • Creating and delivering verbal and written communications between business partners
  • Utilizing a deep understanding of risks in order to communicate and evaluate the appropriateness of mitigating activities
  • Operating in a fast-paced environment while handling multiple simultaneous projects
  • Developing and maintaining strong, credible relationships across the company at various levels

Basic Qualifications:
  • High School Diploma, GED or equivalent certification
  • At least 3 years of experience in internal controls auditing, controls testing, or requirements management

Preferred Qualifications:
  • Bachelor's Degree
  • 3+ years of experience with Terraform or Python
  • 3+ years of experience with AWS
  • 4+ years of experience with testing and auditing internal controls
  • AWS Certification: AWS Certified Solutions Architect - Associate or AWS Certified Security - Specialty
  • Professional Certification: Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC)

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.

Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.

No agencies please. Capital One is an Equal Opportunity Employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex, race, color, age, national origin, religion, physical and mental disability, genetic information, marital status, sexual orientation, gender identity/assignment, citizenship, pregnancy or maternity, protected veteran status, or any other status prohibited by applicable national, federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries.

If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

For technical support or questions about Capital One's recruiting process, please send an email to

Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site.

Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Similar jobs