Principal Associate - Enterprise Services Risk

McLean 1 (19050), United States of America, McLean, Virginia

At Capital One, we're building a leading information-based technology company. Still founder-led by Chairman and Chief Executive Officer Richard Fairbank, Capital One is on a mission to help our customers succeed by bringing ingenuity, simplicity, and humanity to banking. We measure our efforts by the success our customers enjoy and the advocacy they exhibit. We are succeeding because they are succeeding.

Guided by our shared values, we thrive in an environment where collaboration and openness are valued. We believe that innovation is powered by perspective and that teamwork and respect for each other lead to superior results. We elevate each other and obsess about doing the right thing. Our associates serve with humility and a deep respect for their responsibility in helping our customers achieve their goals and realize their dreams. Together, we are on a quest to change banking for good.

Principal Associate - Enterprise Services Risk

Principal Associate - Enterprise Services Risk

Do you want to be part of a team that's dedicated to helping Capital One identify, manage, and effectively mitigate risk? As part of the Open Source Risk Management Team, you'll be working with talented associates to provide oversight and effective challenge to help ensure that our technology teams effectively manage our Open Source risks. You'll also bring your unique perspectives and experiences to foster a more risk aware culture, add creativity to our risk mitigation approach, and drive compliance with controls.

As part of the Open Source Risk Management Team, you'll serve as both an effective challenger and a trusted advisor by assessing the program's risks, controls design, documentation, training, and procedures. This team manages risks associated with open source code ingestion, contribution, and sponsorship.

A successful Senior Risk Associate on this team will advise and/or challenge the manner in which Open Source is utilized within Capital One. The individual has great communication skills, is comfortable interacting with individuals in a variety of roles, across varying levels, and manages multiple innovative fast-moving projects. The ideal candidate is forward thinking, quick to adapt to change, and has an interest in technology.


Assessing risks and reviewing controls: Performing risk assessments on Open Source internal and external processes to identify risks, evaluating the effectiveness and appropriateness of control execution, and designing controls.

Analyzing data: Analyzing the Open Source compliance metrics for trends, areas of concerns, root cause analysis, and presenting the findings to senior management.

Perform testing: Perform quarterly testing to ensure adherence to the Open Source Sponsored Project requirements.

Reviewing Policies and Procedures: Reviewing the Open Source Policy and Procedures to provide reasonable assurance the objective of the processes are achieved and process-level risks are addressed and in compliance with regulations.

Consulting on training material: Provide input on required training to accurately reflect the policy and procedures and effectively communicate the importance of the program, processes, and controls.

Basic Qualifications:

- Bachelor's Degree or military experience

- At least 4 years of experience in Risk Management, Compliance, Audit, Data Engineering, or Technology

Preferred Qualifications:

- Bachelor of Business Administration Degree in Business Management, Information Technology, Accounting, Finance, or Economics

- At least 6 years of experience in Risk Management, Auditing, Consulting, or Data Engineering within the financial industry

- Certified Information Systems Auditor (CISA) certification, Certified in Risk and Information Systems Control (CRISC) certification, or Certified Information Security Manager (CISM)

At this time, Capital One will not sponsor a new applicant for employment authorization for this position

Back to top