Principal Auditor - Technology Audit

Capital One Financial   •  

Richmond, VA

Industry: Accounting, Finance & Insurance


Less than 5 years

Posted 180 days ago

This job is no longer available.

The candidate will primarily focus on cloud and emerging technology activities to identify, assess, control, and managerisksassociated with adoption of new enterprise technologies and migration to the public cloud.  Areas of focus will include the maturity and operational effectiveness of Capital One’s cloud migration activities, emerging technologies (e.g., APIs, DevOps, BlockChain, Machine Learning),digital capabilities (e.g.,mobile), as well as reviews ofTechnologyprocesses, applications, and coreinfrastructure. In addition, thePrincipalAuditor willwork closely with members of theTechnology and operationalaudit teams as it relates to emerging and core technologies thatsupport keyprocesses.

Each audit assignment enables the candidate to demonstrate business, technical and industry knowledge while assessing business risks, identifying key controls, and performing risk-based testing of technology controls.  The candidate will also assist the Cloud and Emerging Technology Specialist with knowledge sharing of best practices and industry trends to team members as needed. The candidate will work independently, with guidance from Audit management as needed. Career development and growth opportunities exist through our established training programs within the Corporate Audit Services team, as well as in IT and business functions. The candidate will be expected to maintain all organizational and professional ethical standards.


  • Executes components of medium and large audits, and leads small audits, including areas such as cloud operations (e.g.,IaaS, PaaS), cybersecurity, risk management, middleware/API management, application, and project audits. Assists in developing engagement planning documentation to communicate rationale for scoping decisions and develops audit programs to ensure adequate coverage of risk.
  • Designs and executes internal control testing for audits, and can navigate areas of ambiguity related to emerging technologies.  Understands the broader context and implications of the various risks affecting the business.
  • Establishes and maintains strong auditee relations during engagements. Identifies the expectations of the auditee and takes actions to support the auditee experience.
  • For major components of audits, assesses relevancy of audit findings, potential exposures, materiality, improving or deteriorating trends, and demonstrates awareness of big picture issues. Interprets business priorities, anticipates issues and obstacles, and applies to scope of role. Identifies and implements efficiencies in executing test work.
  • Manages timely and quality delivery of multiple tasks, including audits, projects, special assignments, and administrative tasks. Self-prioritizes and independently completes multiple tasks across the team and department. Demonstrates the ability to successfully meet deadlines for the audit engagement.
  • On audit engagements, facilitates teamwork, coordinates and leverages available resources to complete engagements on time. Builds and utilizes relationships outside immediate Corporate Audit Services team to improve overall quality.
  • Effectively communicates audit process scope, protocol, issues, risks and recommendations to clients during kick-off, periodic status updates, and exit meetings

Here's what we're looking for in an ideal teammate:

  • You believe insight and objectivity are core elements to providing assurance on the effectiveness and efficiency of Capital One’s governance, risk management, and internal control processes.
  • You adapt to change, embrace bold ideas, and are intellectually curious. You like to ask questions, test assumptions, and challenge conventional thinking.
  • You develop influential relationships based upon shared risk objectives and trust to deliver outstanding business impact and elevate Audit’s value proposition.
  • You’re a firm believer that a rich understanding of data, innovation, and technical knowledge will only make you a better Auditor. This will require leveraging the power of data analytics and furthering your technical know-how, so you’ll want to ensure that technology doesn’t scare you off.
  • You're a teacher. You have a passion for coaching and investing in the betterment of your team.
  • Lastly, you create energy and an environment that make it easy to attract, hire, and retain top talent.

As one of the “100 Best Companies to Work For,” you can look forward to coming to work every day with a team of people that are committed to excellence and doing the right thing. 

Basic Qualifications:

  • Bachelor’s Degree or military experience
  • At least 3 years of experience in information systems auditing, at least 3 years of experience in information systems risk management, at least 3 years of experience in IT project management, at least 3 years of experience in systems development, or a combination
  • At least 2 years of experience performing in the role of auditor-in-charge or at least 2 years of experience as an IT project manager
  • At least 1 year of experienceauditing cloud technologies (e.g., AWS, Google, Azure)

Preferred Qualifications:

  • Master’s Degree in Accounting or Master’s Degree in Finance or Master’s Degree in Information Systems or Master of Business Administration
  • Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP)
  • 1+ years of experience in Banking or 1+ years of experience in financial services industry
  • 3+ years of experience with IT and cloud control frameworks, their application to audits of IT controls, and experience in performing audits of technical nature
  • 1+ years of experience performing data analysis in support of internal auditing

Job ID R40417