Information Assurance Third Party Management (IA TPM) Assessor - Capital One
Company: Capital One
Location: Washington
Posted on: May 1, 2024
|
|
Job Description:
Center 3 (19075), United States of America, McLean,
VirginiaInformation Assurance Third Party Management (IA TPM)
AssessorThe Information Assurance Third Party Management (IA TPM)
program defines the framework and conducts the assessments that
enable the business to protect sensitive Capital One information
and confirms the third party's ability to provide continual
services. The associate in this role will partner with the line of
business Third Party Manager and IA TPM team to evaluate the
effectiveness of the third party's environment and deliver a
quality assessment report. This enables effective risk management
in alignment with business tolerance and industry requirements. You
will: Execute assessment kick-off, planning and scoping activities
for IA TPM risk assessments Execute the on-site, desktop, or
virtual IA TPM risk assessments Perform Gap Analysis of Third
Parties control environment against Capital One control
expectations Write reports including executive summaries and work
papers detailing the assessment work completed, evidence reviewed,
and identified gaps Maintain relationships with Third Party
management to manage expectations of assessments, including timing
and assessment deliverables Communicate final reports to
stakeholders including Third Party Managers and Accountable
Executives Travel 30-50%, which may include offshore locations, to
perform multi day assessments Ensure compliance to program process
and procedures Maintain a thorough understanding of the program
controls, intent, and test procedures Provide coaching and guidance
to the assessment team members Review assessment status updates and
prepare management presentations Support initiatives to drive
quality assessment reporting by reviewing the assessment results
(work papers and executive summaries) provided by IA TPM assessors
of Capital One's third parties. This includes: Reviewing work paper
validations and findings to ensure clarity, traceability and
logical alignment with conclusion, and consistency across reports
Confirming appropriateness of risk ratings based on engagement
risk, the validation results, and gap statements Providing direct
feedback to the assessor population The associate should be able
to: Demonstrate strong ability to analyze information and data
Demonstrates strong subject matter expertise and sound judgment to
align appropriate risk level Conduct an assessment in a
collaborative manner to effectively assess controls while
maintaining business relationships Quickly analyze information
security controls, ensure clearly written assessments, and provide
constructive action items to assessors Develop and communicate
quality recommendations to assessors Work with diverse contacts
throughout the world to achieve results Communicate technical
issues to non-technical people Demonstrate collaborative
partnership skills for working with various points of contacts
Adapt control intent to a wide variety of third party environments
Demonstrate strong problem-solving and conceptual thinking
abilities Demonstrate capacity to think broadly but go deep into
subject matter when needed Basic Qualifications: High School
Diploma, GED, or equivalent certification At least 4 years of
experience in Information Security managing third party vendors At
least 4 years of experience conducting Risk Assessments At least 2
years of experience communicating and presenting to senior level
management Preferred Qualifications: 1+ years of experience in PCI
DSS, NIST, ISO, Physical Security, or IT Operations Management At
least 1 year of experience with cloud technologies (AWS, Azure, or
GCP) 1+ years of experience at a Financial Institution CISSP, CISA,
or CRISC certification At this time, Capital One will not sponsor a
new applicant for employment authorization for this position.
Capital One offers a comprehensive, competitive, and inclusive set
of health, financial and other benefits that support your total
well-being. Learn more at the Capital One Careers website.
Eligibility varies based on full or part-time status, exempt or
non-exempt status, and management level. This role is expected to
accept applications for a minimum of 5 business days.No agencies
please. Capital One is an equal opportunity employer committed to
diversity and inclusion in the workplace. All qualified applicants
will receive consideration for employment without regard to sex
(including pregnancy, childbirth or related medical conditions),
race, color, age, national origin, religion, disability, genetic
information, marital status, sexual orientation, gender identity,
gender reassignment, citizenship, immigration status, protected
veteran status, or any other basis prohibited under applicable
federal, state or local law. Capital One promotes a drug-free
workplace. Capital One will consider for employment qualified
applicants with a criminal history in a manner consistent with the
requirements of applicable laws regarding criminal background
inquiries, including, to the extent applicable, Article 23-A of the
New York Correction Law; San Francisco, California Police Code
Article 49, Sections 4901-4920; New York City's Fair Chance Act;
Philadelphia's Fair Criminal Records Screening Act; and other
applicable federal, state, and local laws and regulations regarding
criminal background inquiries.If you have visited our website in
search of information on employment opportunities or to apply for a
position, and you require an accommodation, please contact Capital
One Recruiting at 1-800-304-9102 or via email at
RecruitingAccommodation@capitalone.com. All information you provide
will be kept confidential and will be used only to the extent
required to provide needed reasonable accommodations. For technical
support or questions about Capital One's recruiting process, please
send an email to Careers@capitalone.com Capital One does not
provide, endorse nor guarantee and is not liable for third-party
products, services, educational tools or other information
available through this site. Capital One Financial is made up of
several different entities. Please note that any position posted in
Canada is for Capital One Canada, any position posted in the United
Kingdom is for Capital One Europe and any position posted in the
Philippines is for Capital One Philippines Service Corp.
(COPSSC).
Keywords: Capital One, Columbia , Information Assurance Third Party Management (IA TPM) Assessor - Capital One, Executive , Washington, Maryland
Click
here to apply!
|