JPMorgan Chase Cybersecurity & Technology Controls – Audit & Regulatory, Controls Attestations in Brooklyn, New York
The CIB CTC Audit & Regulatory, Controls Attestation team manages planning and execution of 3 rd party attestation engagements (SOC1, SOC2, ISAE 3402, AT-C 205) as well as ensure readiness and remediation across internal/external audit and regulatory exam scopes, ensuring ability to meet the demands of external clients across lines of business. Remediation includes management of audit findings, root cause analysis, regulatory intelligence and change management.
The Associate role will support Audit & Regulatory team functions, and requires liaising with various stakeholders including Technology Risk & Controls managers, technology management as well as interfacing with external and internal auditors to help facilitate execution and reporting across the global technology and technology risk functions. Successful execution of responsibilities requires strong organizational and written and verbal communication skills.
Support team leads in coordination of execution of CIB controls attestation programs may include -
Facilitate program readiness processes, including scope validation and reference data tracking and attestations, to validate that key risks are addressed prior to initiation of audits
Engage with Client Services and Relationship Management teams to support responses to firm clients concerning audit contents and results
Monitoring and facilitation of execution of ongoing engagements in progress
Examine results of internal / external audits for potential cross-impacts on other program
Tracking and assessment of IT control testing exceptions, identification relevant compensating controls for deficiencies and oversee remediation, validation and closure of deficiencies within defined timeframes
Promote development of educational / guidance resources for use by Technology Risk & Controls and Technology personnel
Support development of New Reports: Partner with internal business owners, O&C and external auditors to identify appropriate form of reporting (e.g., SOC1, SOC2, AT-205, etc.) to meet client and/or regulatory requirements; taking the lead in report development, readiness and execution.
Ensure quality standards are achieved in development and maintenance of program documentation
Development of educational / guidance resources for use by Technology Risk & Controls and Technology personnel
Track and communicate overall progress of various program, ensuring complete and timely reporting on program status to senior management stakeholders
Key Skills / Qualifications
Knowledge of information technology and auditing of IT general computer controls. “Big 4” IT controls audit experience, with Senior Associate level audit experience preferred
Strong organization and written communication -- including documentation and reporting -- skills
High energy and a passion for the delivery of high quality project outcomes
Project management skills, with proven ability to deliver quality results in a deadline-driven environment
Results oriented, strong sense of ownership, detail oriented, quality-focused
Ability to work effectively in a global team environment and drive results in a matrixed organization
JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.