Principal Associate, Risk Program Management

Principal Associate, Risk Program Management Capital One is one of the fastest growing organizations in the world today. The growth of the business is accelerated by leveraging innovative and emerging technologies. We are serious about technology, we dream big, and we execute: Capital One moved our entire enterprise to the public cloud over the course of five years, fully exiting our data centers. Just as we prioritize driving innovation through technology, we equally prioritize cybersecurity and managing technology risk. Technology and Data Risk Management (TDRM) are trusted expert advisers who shape decisions, challenge activities to ensure they meet our standards, and generally oversee technology, data and information security risk across the business and the central technology organization. TDRM is a second line organization, which means it is independent and reports up through the Chief Enterprise Risk Officer. TDRM plays a critical role in ensuring that the company’s risk-taking entities are aware of the risks inherent in their activities and decisions, the impact of their actions on the company at an enterprise level, and opportunities to reduce, mitigate or avoid the risks altogether. As a Principal Associate, Risk Program Management on TDRM’s Infrastructure advisory and oversight team, you will coordinate execution and create visibility for the team’s work while driving execution, governance, and transparency across technology and cyber risk initiatives. An important focus for this role will be leveraging automation and creative problem solving (e.g. generative AI) to streamline operational workflows and scale our oversight capabilities. Responsibilities also include enabling actionable status reporting and tracking, driving capacity planning, and championing Agile methodologies across teams. This role will be responsible for developing portfolio governance tools, metrics, and operating mechanisms that strengthen risk visibility and forecasting accuracy while leading the team to further levels of agile maturity within a second-line risk environment. Desired Outcomes: Lead Agile ceremonies and manage JIRA boards Facilitate long-range and quarterly PI planning to align team outputs with broader enterprise risk priorities Build and champion well-managed agile delivery practices by leveraging automation to streamline workflows Partner with team members to ensure appropriate escalation when things are past due or there are obstacles, providing an early warning when things are off track Partnering with agile teams to integrate risk oversight, assessment timing, and remediation tracking into sprint planning and quarterly delivery cycles Partnering cross-functionally with team members and stakeholders to understand pain points and implement tailored process improvement solutions that address those pain points A successful candidate will have: Deep focus on execution, follow-through, accountability and results; ability to make progress even when in ambiguous situations Strong communication to stakeholders at all levels across the company to enable transparency and timely information sharing Proven critical thinking skills, including the ability to express a point of view supported by data and evidence Experience driving complex projects through improved processes, automation, and leveraging solutions such as generative AI Comfort raising concerns early and knows when to escalate, including the ability to raise issues and facilitate constructive problem solving at all levels of the organization Ability to collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus, socialize strategy, and achieve objectives Intellectual curiosity to better understand technology and cyber risks and how metrics, analytics and testing fit in to enhance 2LOD effective challenge and oversight activities Adept at providing structure and organization for stakeholders in different job families, expertise and scope of work