Audit/Compliance Process Engineer
Capital One Audit/Compliance Process Engineer position description:
Capital One is a diversified bank that offers a broad array of financial products and services to consumers, small business and commercial clients. Ranked #124 on the Fortune 500, Capital One is one of the nation’s top 10 banks and has one of the most widely recognized brands in America. We nurture a work environment where people with a variety of thoughts, ideas and backgrounds, guided by our shared Values, come together to make Capital One a great company and a great place to work. Capital One’s Small Business Delivery Engineering team is seeking a Principal Associate level, highly motivated candidate to fill the Audit, Resilience and Compliance position. The ideal candidate will have excellent writing skills to produce reports and presentations. The candidate will also have process analysis, risk management, organizational, communication and interviewing skills to work with diverse business and technical areas in the information security space.
This position includes technical writing and reporting of all SBDE application information security artifacts, processes, process management, procedures, workflows, process improvements/efficiencies (simplification, transparency and automation) and training documentation in support of enhancing and implementing consistent frameworks, performing risk assessments, and process development and managing our JIRA Kanban Agile Board and metrics.
You will work with smart and passionate people to deliver results that have a direct impact on the company’s bottom line. You will take on important and exciting responsibility from day one, working with key stakeholders across the company and SBDE. You will be challenged to excel and lead alongside the brightest talent in the industry and be rewarded for your achievements.
- Partner with internal SBDE and cross-functional teams, projects, and business customers to document current state process, identify opportunities to improve and assist with moving teams towards SBDE goals
- Advanced technical aptitude with an ability to quickly come up to speed on Capital One’s infrastructure, SBDE application environments and Operations
- Participate in the analysis, design, implementation, validation and maintenance of SBDE Security Resilience, Compliance and Audit program/framework, documentation and procedures that is in alignment with best practices and Enterprise Policy
- Partners with teams across the ISRM organization to help support Security processes and controls
- Partners with teams across the Delivery organization to help support Security processes and control remediation
- Supports process optimization projects designed to improve quality, reduce errors and design new business processes in support of projects and services
- Supports and responds to various regulator and audit requests
- Supports acquisition and new partnership projects by integrating them into SBDE; as well as, the Enterprise to improve quality, reduce errors and design new business processes
- Evangelizes, drive and document the adoption of new policies, processes, and technologies in pursuit of improved resilience
- Educates key stakeholders on resiliency best practices
- Collaborates with ISRM subject matter expert and vendors to gather and research technical documentation
- Validates that information security requirements have been documented, to include identified process gaps and remediation’s
- Consult with other technology support groups, Red Team, and management as part of problem resolution efforts.
- Serve as mentor and technical resource to more junior associates; train other associates through one-on-one or group technical discussions.
- Identify weaknesses by understanding common penetration testing tools.
- Guide Dev teams and research known vulnerabilities within software and hardware stacks to proactively remediate
We are seeking dedicated, disciplined, process professionals who excel in a team environment and have experience in process improvement, JIRA Kanban management/metrics, project management and security/compliance aptitude in the Financial Industry. This individual must be able to effectively communicate and influence partners across the company and across multiple levels of the organization. Strong analytical and interpersonal skills, attention to detail, and the ability to adapt to a dynamic agile (Kanban) environment are essential to succeeding in this role. A passion for learning new skills including security, process, engineering, testing and development practices is a strong indicator for success in this role.
- Bachelor’s degree or military experience.
- At least 3 years of experience information security, processes, related workflow and continuous improvement.
- At least 3 years of experience in Information Technology OR at least 2-year experience within an Information Security or Technology Risk Management discipline
- At least 2 years of experience presenting and developing documentation across all levels of the enterprise.
- At least 2 years of technical writing experience within cybersecurity or information security is desired.
- At least 2 years of Agile experience. JIRA Kanban management and metrics is preferred
- Bachelor’s Degree in Cybersecurity, Information Technology, Information Systems, Information Security, Information Assurance, Business Management or in Risk Management.
- 4 years of experience in Information Technology OR at least 2-year general experience within an Information Security or Technology Risk Management discipline
- 3 years of experience in the review of security controls, processes, related workflow and continuous improvement
- 2 years of experience in process development and design
- 1 year experience with either CERT Resilience Management Model or equivalent
- 1 year experience with Visio
- CISA, CISM, CRISC, CGEIT, CTPRP, ITIL, CISSP, CCSP, Process Management LEAN certification, Business Process Management certification, or Process Management Six Sigma certifications or equivalent are of value and to be taken into consideration
Successful candidates will possess:
- Strong verbal and written communication skills due to the need to communicate extensively with remote team members and vendors
- A bias toward action, along with an internal drive for continuous improvement
- Ability to prioritize, execute tasks, and make sound decisions in high pressure situations
- Curiosity. You ask why. Explore. Not afraid to blurt out crazy ideas.
- No fear. Big, undefined problems and operational issues don’t frighten you. You can work at a tiny crack until you’ve broken open the whole nut and then clearly explain the issue in a manner that people who aren’t as knowledgeable in your area of expertise can understand.
- A passion for teamwork, collaboration, and keen attention to detail
- Strong customer service orientation
- High degree of self-motivation and self-direction
- Ability to work in a fast paced, often changing environment, and the ability to find your own path in ambiguous situations
- Experience working with a large geographically distributed network environments or partners
Capital One will consider sponsoring a new qualified applicant for employment authorization for this position.