Those who work on this team are pragmatic and practical in their understanding of risk and security, but also know when to pull in experts and escalate. They challenge and innovate within their team to drive process improvements to elevate program efficiency.
What you’ll do:
Support kick-off, planning and scoping activities for cyber-focused risk assessments, working with cross-functional resources to understand the operational and technical aspects of the Third Party engagement model.
Analyse Third Party control environment data against Capital One security expectations; interpret information security requirements and reasonably apply them to specific situations.
Review and support execution and delivery of reports, including executive summaries and work papers detailing the assessment work completed, evidence reviewed, and identified gaps.
Maintain relationships with Third Party management and other Enterprise colleagues to manage expectations of assessments and remediation, including timing and assessment deliverables.
Ensure compliance with program processes and procedures.
Maintain a thorough understanding of the program controls, intent, and test procedures.
Support third parties in appropriately managing and remediating risks identified through assessments.
Travel 10-25%, which may include off-site locations, to perform multi-day assessments.
Identify and support initiatives to drive ongoing process improvements.
Other responsibilities include:
Performing cyber-focused assessments of Capital One third parties, identifying risks and delivering high-quality reports.
Providing consultative services related to third party security while applying risk-based judgement to information security issues.
Driving risk remediation through advice and challenge.
Ensuring risk is appropriately managed and escalated.
Assisting Third Parties, Third Party Managers, or Accountable Executives with understanding risks identified.