Information Security Manager - Technology Risk & Controls
Company: JPMorgan Chase
Location: Wilmington
Posted on: March 20, 2023
|
|
Job Description:
To do that, you will conduct broad range of regulatory and
non-regulatory assessments including firm wide technology risk
assessment program (CORE), SOX, PCI, Application Risk (TAA) and
Infrastructure Assessment (TIA). Properly record these assessment
results in our systems of record and communicate the results to the
appropriate stakeholders. You will play an important role in
engaging respective Assessment Leads / Information Security
Managers / Asset Owners across business areas while assessing
risk.Your support of the Application Risk and Infrastructure
Control Assessment programs will require you to work with
application and infrastructure teams to assess controls and
evaluate proposed remediation plans for adherence to the controls.
You will make recommendations, based on your experience, of how we
can automate the way we perform assessments across the firm as we
move towards a Continuous Controls Monitoring (CCM) and as we apply
other compliance automation tools. You may work on other regulatory
and process risk assessment programs as well. Your assessment
duties extend to all lines of business in the firm and will include
continuously enhancing your knowledge on specific controls across a
range of technologies, applications, processes, and
infrastructure.**PRIMARY DUTIES AND RESPONSIBILITIES:**+ Assist
with the ongoing firm wide technology risk controls assessment
programs, test and evaluate the evidence of the controls and
identify any significant control deficiencies, work with the
appropriate Assessment Leads / Information Security Managers to
identify and assess proposed remediation steps to adhere to those
controls, and address other assessment findings where necessary.+
Assist with other compliance and risk assessment programs for
Global Technology, including participating in workshops to improve
our ability to identify inherent risk and to adjust the
descriptions of and approaches to properly obtain evidence of
control effectiveness.+ Test the evidence of the technical controls
and document the tests in our assessment results systems of
record.+ Conduct Assessments to gather risk specific information
about technology applications.+ Conduct initial interviews related
to how controls are applied and assist with the identification and
testing of controls. Perform testing of the evidence submitted to
validate it proves control effectiveness.+ Conduct Technology
Application, Infrastructure (network, storage, voice, database,
etc.), and Process Control Assessments to assess compliance with
firm wide approved controls+ Work with technology teams to gather
control design requirements and facilitate discussions to bring to
closure identified control issues.+ Advise Lines of Business (LOBs)
of assessment results based on the testing performed and how those
results align to the control standards for the firm.+ Evaluate
findings and communicate issues and best practices with the rest of
the team and management.+ Work actively with the Assessment Leads
and ISMs to improve technical assessment guidance and evaluation
approaches, where appropriate.+ Interface with the UAT and Quality
Assurance team to improve assessment testing processes. Work
actively with the Assessment Leads and Information Security
Managers to improve technical assessment guidance.+ Use innovative
data analysis methodologies and tools such as SQL, Tableau, and
Microsoft Excel to identify the assets to be assessed and analyze
the available evidence+ Compile, analyze, and effectively present
trending reports to identify opportunities that increase
efficiency, ensure quality and support prioritization of work.+
Experience with data mining methods, statistical analysis, & data
visualization methods utilizing tools such as Tableau, Qlik Sense ,
Cognos etc.+ Participate in additional key control projects related
to the overall enhancement of the assessment function.+ Exhibit a
continuous learning mindset for security education &
awareness.**QUALIFICATIONS:**+ Bachelor's degree, preferably in
Cybersecurity (information assurance), Computer Science or
Information Technology.+ Two years internal or external technology
audit or risk assessment experience.+ Experience with Tableau, Qlik
Sense, Cognos etc. a plus.+ Have experience with audit and / or
technology risk assessment processes and an understanding of
internal controls and how they protect the firm and its clients.+
Ability to effectively develop and communicate recommendations
based on various technical compliance and control assessment
results.+ Experience in software application assessment and
controls testing.+ Detail oriented with ability to examine and
evaluate processes, controls and issues to determine risk areas.+
Ability to eloquently describe and defend the process followed in
performing assessments and evaluating results to stakeholders and
management.+ Can work independently and can collaborate comfortably
in a matrix organization within a broader team.+ Excellent verbal
and written communication skills, including the ability to
effectively participate in and sometimes lead discussions and
meetings with internal management and other groups involved in
technology control assessments.+ Proficient in MS Office -
Microsoft Word, Excel, and PowerPoint. Quickly adapt to new tools
and software applications.+ Familiar with the principles of agile
methodologies like Kanban and Scrum.+ Basic project management
skills.+ CRISC or other industry-recognized risk and information
assurance certifications preferred.JPMorgan Chase & Co., one of the
oldest financial institutions, offers innovative financial
solutions to millions of consumers, small businesses and many of
the world's most prominent corporate, institutional and government
clients under the J.P. Morgan and Chase brands. Our history spans
over 200 years and today we are a leader in investment banking,
consumer and small business banking, commercial banking, financial
transaction processing and asset management.We recognize that our
people are our strength and the diverse talents they bring to our
global workforce are directly linked to our success. We are an
equal opportunity employer and place a high value on diversity and
inclusion at our company. We do not discriminate on the basis of
any protected attribute, including race, religion, color, national
origin, gender, sexual orientation, gender identity, gender
expression, age, marital or veteran status, pregnancy or
disability, or any other basis protected under applicable law. In
accordance with applicable law, we make reasonable accommodations
for applicants' and employees' religious practices and beliefs, as
well as any mental health or physical disability needs.The health
and safety of our colleagues, candidates, clients and communities
has been a top priority in light of the COVID-19 pandemic. JPMorgan
Chase was awarded the "WELL Health-Safety Rating" for all of our
6,200 locations globally based on our operational policies,
maintenance protocols, stakeholder engagement and emergency plans
to address a post-COVID-19 environment.As a part of our commitment
to health and safety, we have implemented various COVID-related
health and safety requirements for our workforce. Employees are
expected to follow the Firm's current COVID-19 or other infectious
disease health and safety requirements, including local
requirements. Requirements include sharing information including
your vaccine card in the firm's vaccine record tool, and may
include mask wearing. Requirements may change in the future with
the evolving public health landscape. JPMorgan Chase will consider
accommodation requests as required by applicable law.We offer a
competitive total rewards package including base salary determined
based on the role, experience, skill set, and location. For those
in eligible roles, discretionary incentive compensation which may
be awarded in recognition of individual achievements and
contributions. We also offer a range of benefits and programs to
meet employee needs, based on eligibility. These benefits include
comprehensive health care coverage, on-site health and wellness
centers, a retirement savings plan, backup childcare, tuition
reimbursement, mental health support, financial coaching and more.
Additional details about total compensation and benefits will be
provided during the hiring process.Equal Opportunity
Employer/Disability/Veterans
Keywords: JPMorgan Chase, Wilmington , Information Security Manager - Technology Risk & Controls, Executive , Wilmington, Delaware
Click
here to apply!
|