Information Assurance Third Party Management (IA TPM) Assessor - Capital One
Company: Capital One
Location: Washington
Posted on: April 24, 2024
|
|
Job Description:
Center 3 (19075), United States of America, McLean,
VirginiaInformation Assurance Third Party Management (IA TPM)
AssessorThe Information Assurance Third Party Management (IA TPM)
program defines the framework and conducts the assessments that
enable the business to protect sensitive Capital One information
and confirms the third party's ability to provide continual
services. The associate in this role will partner with the line of
business Third Party Manager and IA TPM team to evaluate the
effectiveness of the third party's environment and deliver a
quality assessment report. This enables effective risk management
in alignment with business tolerance and industry requirements. You
will: Execute assessment kick-off, planning and scoping activities
for IA TPM risk assessments Execute the on-site, desktop, or
virtual IA TPM risk assessments Perform Gap Analysis of Third
Parties control environment against Capital One control
expectations Write reports including executive summaries and work
papers detailing the assessment work completed, evidence reviewed,
and identified gaps Maintain relationships with Third Party
management to manage expectations of assessments, including timing
and assessment deliverables Communicate final reports to
stakeholders including Third Party Managers and Accountable
Executives Travel 30-50%, which may include offshore locations, to
perform multi day assessments Ensure compliance to program process
and procedures Maintain a thorough understanding of the program
controls, intent, and test procedures Provide coaching and guidance
to the assessment team members Review assessment status updates and
prepare management presentations Support initiatives to drive
quality assessment reporting by reviewing the assessment results
(work papers and executive summaries) provided by IA TPM assessors
of Capital One's third parties. This includes: Reviewing work paper
validations and findings to ensure clarity, traceability and
logical alignment with conclusion, and consistency across reports
Confirming appropriateness of risk ratings based on engagement
risk, the validation results, and gap statements Providing direct
feedback to the assessor population The associate should be able
to: Demonstrate strong ability to analyze information and data
Demonstrates strong subject matter expertise and sound judgment to
align appropriate risk level Conduct an assessment in a
collaborative manner to effectively assess controls while
maintaining business relationships Quickly analyze information
security controls, ensure clearly written assessments, and provide
constructive action items to assessors Develop and communicate
quality recommendations to assessors Work with diverse contacts
throughout the world to achieve results Communicate technical
issues to non-technical people Demonstrate collaborative
partnership skills for working with various points of contacts
Adapt control intent to a wide variety of third party environments
Demonstrate strong problem-solving and conceptual thinking
abilities Demonstrate capacity to think broadly but go deep into
subject matter when needed Basic Qualifications: High School
Diploma, GED, or equivalent certification At least 4 years of
experience in Information Security managing third party vendors At
least 4 years of experience conducting Risk Assessments At least 2
years of experience communicating and presenting to senior level
management At least 1 year of experience with cloud technologies
(AWS, Azure, or GCP) Preferred Qualifications: 1+ years of
experience in PCI DSS, NIST, ISO, Physical Security, or IT
Operations Management 1+ years of experience at a Financial
Institution CISSP, CISA, or CRISC certification At this time,
Capital One will not sponsor a new applicant for employment
authorization for this position. Capital One offers a
comprehensive, competitive, and inclusive set of health, financial
and other benefits that support your total well-being. Learn more
at the Capital One Careers website. Eligibility varies based on
full or part-time status, exempt or non-exempt status, and
management level. This role is expected to accept applications for
a minimum of 5 business days.No agencies please. Capital One is an
equal opportunity employer committed to diversity and inclusion in
the workplace. All qualified applicants will receive consideration
for employment without regard to sex (including pregnancy,
childbirth or related medical conditions), race, color, age,
national origin, religion, disability, genetic information, marital
status, sexual orientation, gender identity, gender reassignment,
citizenship, immigration status, protected veteran status, or any
other basis prohibited under applicable federal, state or local
law. Capital One promotes a drug-free workplace. Capital One will
consider for employment qualified applicants with a criminal
history in a manner consistent with the requirements of applicable
laws regarding criminal background inquiries, including, to the
extent applicable, Article 23-A of the New York Correction Law; San
Francisco, California Police Code Article 49, Sections 4901-4920;
New York City's Fair Chance Act; Philadelphia's Fair Criminal
Records Screening Act; and other applicable federal, state, and
local laws and regulations regarding criminal background
inquiries.If you have visited our website in search of information
on employment opportunities or to apply for a position, and you
require an accommodation, please contact Capital One Recruiting at
1-800-304-9102 or via email at
RecruitingAccommodation@capitalone.com. All information you provide
will be kept confidential and will be used only to the extent
required to provide needed reasonable accommodations. For technical
support or questions about Capital One's recruiting process, please
send an email to Careers@capitalone.com Capital One does not
provide, endorse nor guarantee and is not liable for third-party
products, services, educational tools or other information
available through this site. Capital One Financial is made up of
several different entities. Please note that any position posted in
Canada is for Capital One Canada, any position posted in the United
Kingdom is for Capital One Europe and any position posted in the
Philippines is for Capital One Philippines Service Corp.
(COPSSC).
Keywords: Capital One, Columbia , Information Assurance Third Party Management (IA TPM) Assessor - Capital One, Executive , Washington, Maryland
Click
here to apply!
|