- Brooklyn, NY, USA
- Permanent, Full time
Cybersecurity & Technology Controls – Audit & Regulatory, Controls Attestations
- Brooklyn, NY, USA
Cybersecurity & Technology Controls – Audit & Regulatory, Controls AttestationsBusinessOverview:
J.P. Morgan is a leader in financialservices: asset management, investment banking, private banking, treasury andsecurities services, and commercial banking. Our broad global platform and strength enableus to create long-lasting value for clients, offering solutions to clients inmore than 100 countries. We have beenhelping our clients to do business and manage their wealth for more than 200years. With $19 trillion of assets undercustody, $7.5 trillion in assets under administration and over $1.3 trillion indeposits, JP Morgan Chase (JPMC) provides strategic advice, raises capital,manages risk and extends liquidity in markets around the world. The establishment and maintenance of world-classinternal controls is a key objective of JPMC and for the Corporate andInvestment Banking division.
The CIB CTC Audit & Regulatory,Controls Attestation team manages planning and execution of 3 rd party attestation engagements (SOC1, SOC2, ISAE 3402, AT-C 205) as well asensure readiness and remediation acrossinternal/external audit and regulatory exam scopes, ensuring ability to meetthe demands of external clients across lines of business. Remediation includes management of auditfindings, root cause analysis, regulatory intelligence and changemanagement.
The Associate role will support Audit & Regulatory team functions, and requires liaising with variousstakeholders including Technology Risk & Controls managers, technology managementas well as interfacing with external and internal auditors to help facilitate execution and reporting acrossthe global technology and technology risk functions. Successful execution ofresponsibilities requires strong organizational and written and verbalcommunication skills.
Support of team leads in coordination of execution of CIB controlsattestation programs may include -
• Facilitateprogram readiness processes, including scope validation and reference datatracking and attestations, to validate that key risks are addressed prior toinitiation of audits
• Engagewith Client Services and Relationship Management teams to support responses tofirm clients concerning audit contents and results
• Monitoringand facilitation of execution of ongoing engagements in progress
• Examineresults of internal / external audits for potential cross-impacts on otherprogram
• Trackingand assessment of IT control testing exceptions, identification relevantcompensating controls for deficiencies and oversee remediation, validation andclosure of deficiencies within defined timeframes
• Promotedevelopment of educational / guidance resources for use by Technology Risk& Controls and Technology personnel
• Supportdevelopment of New Reports: Partner withinternal business owners, O&C and external auditors to identify appropriateform of reporting (e.g., SOC1, SOC2, AT-205, etc.) to meet client and/orregulatory requirements; taking the lead in report development, readiness andexecution.
• Ensurequality standards are achieved in development and maintenance of programdocumentation
• Workwith internal and external stakeholders to understand and document variouscurrent-state control processes and process flows
• Developmentof educational / guidance resources for use by Technology Risk & Controlsand Technology personnel
• Trackand communicate overall progress of various program, ensuring complete andtimely reporting on program status to senior management stakeholders
KeySkills / Qualifications
• Knowledgeof information technology and auditing of IT general computer controls. "Big 4" IT controls audit experience, with SeniorAssociate level audit experience preferred
• Strongorganization and written communication -- including documentation and reportingskills
• Highenergy and a passion for the delivery of high quality project outcomes
• Projectmanagement skills, with proven ability to deliver quality results in adeadline-driven environment
• Resultsoriented, strong sense of ownership, detail oriented, quality-focused
• Abilityto work effectively in a global team environment and drive results in amatrixed organization
• Aproblem solver with ability to identify potential solutions
• StrongExcel and PowerPoint skills