JPMorgan Chase & Co.
(NYSE: JPM) is a leading global financial services firm with assets of $2.6
trillion and operations worldwide. The firm is a leader in investment banking,
financial services for consumers and small business, commercial banking,
financial transaction processing, and asset management. A component of the Dow
Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers
in the United States and many of the worlds most prominent corporate,
institutional and government clients under its J.P. Morgan and Chase brands.
Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com.
Corporate Technology & Risk (CTR)
delivers streamlined and consistent solutions supporting JPMorgan Chase’s
Controls, Compliance, Legal, HR and IT Risk agendas, with a focus on stability,
delivery, efficiencies and people. The goal of CTR’s drive to standardization,
consistency and simplicity is a JPMorgan Chase architecture that fosters
long-term productivity, quality and innovation across the entire enterprise.
The disciplines within this organization are Compliance Technology, Oversight
& Controls Technology, Legal & e-Discovery, Identity & Access
Management, IT Risk & Controls, HR Real Estate & Global Services
Technology, and Third Party Risk Management.
Risk Controls and Cyber Security
(RCC) – Audit, Issue and Regulatory Management (AIR Management):
Our RCC team provides oversight in
for the implementation of Enterprise Technology Risk and Control framework within respective
business and function, providing advice and guidance to Corporate Technology
& Risk organization. As a member of the
AIR Management Team, individual will be accountable for providing audit
interactions and issue management service.
a strong and collaborative working relationship with Internal/External/Regulatory
Audit teams and CTR Technology stakeholders during all phases of audits.
with Audit and CTR Technology stakeholders during active reviews.
pre-audit reviews to identify emerging control issues, provide analysis
and reports to business stakeholders for remediation.
with internal stakeholders - including Operations, Legal and Compliance,
Risk Managers, Line of Business contacts and Internal/External Audit
- Strong understanding of audit
methodology or risk management frameworks: ISO 27001, CoBIT, Fed
- Proven leadership skills with
excellent track record in delivering high performance.
- Partner with internal and LOB
Project Managers on the implementation of security related projects for
new and enhanced technology. Accountable for the implementation of
strategic initiatives related to new or enhanced security products and
toolsets on supported systems.
- Excellent communication
skills; Customer focused and professional.
- Proven presentation skills
including the ability to communicate risk posture clearly and concisely.
- Ability to mentor and provide
strategic view into talent development.
- Ability to manage and drive
technology operations and risk management projects.
- Strategic thinker; makes
appropriate business decisions and gains cooperation of others.
- Results oriented; ready to
challenge the status quo for continuous improvement.
- Strong interpersonal and team
- Strong analytical skills and
attention to detail.
- High level of energy and can
work under pressure with minimal supervision
- Flexible to travel when
required based on business demands.
The Ideal candidate will have 5 – 7+ years of
experience with the following:
- Bachelor's degree in related Technology field.
- CISA, CISM, CRISC and/or CICA
certifications (required)….. or
- Strong understanding of
information security and risk and control policies; Industry recognized
certifications (CISA, CISM,
- CRISC, CICA) recommended.
- 7+ years experience in an Internal Audit, Regulatory
Audit, Operational Audit position.
- 7+ years of demonstrated experience in IT risk
- Operational risk analysis.
- Process Engineering, Process Re-engineering, Process
- End-to-end business process mapping and reviews.
- Procedure documentation.
- Development of metrics and reporting.
- Extensive experience with deep-dive control reviews to
identify process and control breaks.
- Demonstrated experience working with Identity and
Access Management tools and processes.
- Strong data analytical and organizational skills (SQL
or other database analytical skills) required.
- Ability to work independently and proactively to
accomplish multiple objectives concurrently.
- Demonstrated success working across LOBs and regions,
balancing the needs of multiple organizations.
- Demonstrated ability to work independently on projects
and produce required results in a timely fashion.
- Excellent verbal, interpersonal and written
communication skills and the ability to any level of management.
- Program or project management experience (recommended).
- Experience with working with virtual teams / teams
geographically distributed is required.
- Knowledge of FFIEC, IS27001, COBIT and ITIL standards
- Expertise in MS Office
Suite, particularly in PowerPoint, Excel, MS Access and Visio