West Creek 3 (12073), United States of America, Richmond, Virginia

Principal Associate - Technology Risk Policy, Procedures and Standards

Technology Risk Management (TRM) is a growing organization focused on providing expert advice, credible challenge, and effective oversight of information security and technology activities to identify, assess, control, and manage technology risk throughout the company. This organization plays a critical role in helping to ensure the company's risk-taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions at an enterprise level, and opportunities to reduce, mitigate, or avoid the risks altogether. Associates within TRM are highly-skilled information security, cyber, technology, and risk management professionals who have a wealth of experience and a demonstrated ability to provide value-added recommendations and deliver high-impact results in their area(s) of expertise.

This Principal Associate will develop, write and monitor technology and cyber policies, standards and procedures. The Principal Associate will partner with stakeholders to enhance consistency of policies, understand dependencies and effectively challenge, as needed. Further, the Principal Associate will review and ensure adherence to monitoring plans for policies and standards.

Success in this position will rely heavily on working well with stakeholders across the Enterprise, the ability to identify dependencies, as well as see the big picture. This role requires core strengths in Results Focus, Problem Solving, Analytical Thinking, and Communication. The ideal candidate will have experience with developing and writing policies, writing precise technical documents (via policy documents, reports, or elsewhere) and demonstrate a keen attention to detail. Further, the ideal candidate will have prior experience working with executives, a demonstrated ability to manage and understand processes, and an ability to identify gaps. A commitment to collaboration and teamwork is required, while having a strong ability to influence as well as being detail-oriented and results-focused.

You should consider this role if you're someone who:

• Thrives wearing multiple hats and work with a wide variety of teams
  
• Loves to continuously learn
  
• Is a keen reader of people, culture, and tea leaves - building the relationships to make things happen
  
• Is highly functional in a dynamic environment
  
• Is comfortable bending between tactical and strategic
  
• Demonstrates sound judgment, even when working in new situations and scenarios
  
• Communicates in a clear, compelling way to influence individuals at all levels
  
• Collaborates effectively across multiple organizations such as Operational Risk Management, Enterprise Risk Management, Compliance, Business Risk Offices, Operational Risk Sub-Steward organizations, Information Technology, Basel Program, Internal Audit, Regulatory Relations, etc. to achieve objectives
  

Responsibilities:

• Collaborates with Corporate Policy Office to ensure requirement consistency and adherence
  
• Develops internal strategy, governs, improve consistency for, and monitors adherence to policies, standards procedures
  
• Performs reviews of identified policy requirement monitoring activities to ensure they have adequate governance, evidence of execution, and appropriate escalation
  
• Maintains a calendar for review of policy renewals and monitoring plan(s) adherence
  
• Identifies emerging risks, process improvements, and areas for increased training
  
• Provides effective challenge to the business where appropriate
  
• Manages work across organizational lines to achieve results and manages competing priorities
  

Basic Qualifications:

-Bachelor's degree or military experience

-At least 2 years of experience writing policies, standards and procedures

-At least 2 years of experience working in the fields of information security, cyber or technology

-At least 2 years of experience with written, technical communications

Preferred Qualifications:

-3 years of risk management experience, including project or process management experience

At this time, Capital One will not sponsor a new applicant for employment authorization for this position.