Principal Auditor - Cyber, Risk and Analysis Technology Audit (Hybrid)

Capital One Financial

Hybrid Actively hiring
McLean, VA · Charlotte, NC · Richmond, VA · New York, NY · Plano, TX Posted 23 days ago $119,400$136,200 / year
View original post Log in to save

At a glance

AI generated

TL;DR

Capital One is hiring a Principal Technology Associate to join its dynamic Audit team, focusing on evaluating and analyzing technology and cybersecurity risks. This senior-level role involves executing major components of audits across critical technology functions such as cloud-based infrastructure, application controls, and cybersecurity, while also assisting in leading smaller audit projects. The ideal candidate will perform risk assessments, design audit procedures, document findings, and communicate results to management through reports and presentations. They must possess a strong background in information systems auditing, risk management, and data analysis, with experience in cloud computing and emerging technologies like AWS, GCP, or Azure. Additionally, the role requires expertise in IT control frameworks, data analytics, and project management, along with relevant certifications such as CISSP, CISA, or CIA. This hybrid position offers opportunities for professional growth within a collaborative environment that values innovation and technology-driven insights.

Skills

AWS Azure GCP Python SQL CI/CD Kubernetes Terraform PostgreSQL Docker Git Jira Splunk Nessus OpenVAS Certified Internal Auditor (CIA) ISO 27001 COBIT ITIL

What you'll do

  • Execute audits of critical technology functions including cloud-based infrastructure and cybersecurity.
  • Perform risk assessments and design audit procedures to verify control effectiveness.
  • Document client processes and communicate results through written reports and presentations.
  • Analyze data extracts to identify trends, patterns, and anomalies in technology operations.
  • Provide on-the-job coaching and supervision for less experienced associates during audits.

What we're looking for

  • At least 4 years of experience in information systems auditing or risk management.
  • Minimum 1 year of cloud computing and controls experience (design, operation, risk management, or auditing).
  • 2+ years of experience managing audit engagement components or project management.
  • Certifications related to Cloud, Cyber, Technology Operations, Auditing, or Information Security.
  • At least 2 years of experience in planning and leading audits, including cyber or information security audits.
  • Experience with IT control frameworks and data analysis for internal auditing.

Market check

Salary context

This $119,400–$136,200 range sits above 19% of similar postings on FindRole.

Peer median band

$121,900$198,000

Median floor and ceiling across peers.

Typical midpoint (25–75%)

$136,200$195,471

Middle half of comparable postings.

Based on 239 comparable postings.

* 240 is the maximum number of comparable postings sampled.

Employer

About Capital One Financial

Capital One Financial is a bank holding company specializing in credit cards, auto loans, banking, and savings products, known for its data-driven approach to consumer and commercial finance. Industry: Financial Services & Banking

Capital One Financial currently has 489 open roles on FindRole.

Listed pay typically runs $197,300–$225,100 across 483 roles with salary data.

Most-posted roles

View all roles at Capital One Financial

More like this

Similar roles

Technology Audit Associate

T. Rowe Price

Owings Mills, Md - Building 2, US 32 days ago $96,500$164,000
COBIT NIST ISO Python SQL Kubernetes AWS Azure GCP Terraform CI/CD PostgreSQL Oracle DevOps SDLC Git Jira Confluence Tableau PowerBI

Internal Auditor - Security - Adyen

Ayden

US 23 days ago
Cloud Kubernetes AWS Azure GCP CI/CD Python Go Ruby SQL PostgreSQL Docker Terraform CISA CISSP CIA RE PCI DSS ISO 27001 NIST Cybersecurity Framework

Internal Auditor - Security - Adyen

Ayden

US 11 days ago
AWS Kubernetes Terraform Python PostgreSQL CI/CD Docker Prometheus Grafana PCI DSS ISO 27001 NIST Cybersecurity Framework CISA CISSP CIA RE Data Analytics Automation AI